Exploit:HTML/IFrame is an exploit of a flaw in Internet Explorer's handling of certain MIME types. The vulnerability impacts Microsoft Internet Explorer 5.01 (previous to Service Pack 2), and Microsoft Internet Explorer 5.5.

 

An update to address the flaw was released in March 2001. Details on the vulnerability can be found in the Microsoft Security Bulletin MS01-020 at http://www.microsoft.com/technet/security/bulletin/MS01-020.mspx.

TrojanDownloader:Win32/Stalni.gen is a generic detection for the payload delivered by the threats detected as Exploit:Win32/Pdfjsc.A, and Exploit:JS/Pdfcmi.A. This malicious code may be executed due to a vulnerability in Acrobat Reader version 8.1.1 (or earlier).

Exploit:JS/Pdfcmi.A is a detection for a specially crafted JavaScript code, embedded in a malformed Portable Document Format (PDF) file, that will take advantage of a buffer overflow vulnerability in Adobe Reader version 8.1.1, and earlier.

TrojanDownloader:Win32/Swif.M is a trojan that attempts to exploit a vulnerability in Adobe Shockwave Flash. Successful exploitation of this vulnerability could result in arbitrary code execution. In the wild, this trojan has been used in order to download arbitrary files onto an affected system.

TrojanDownloader:QT/Waick.A is the detection for specially-crafted, malicious Quicktime media files that are used to encourage users to download and execute arbitrary files on the computer. When opened with Quicktime Player, these malicious files open a particular URL in a web browser.

Exploit:Win32/FVRestart is a detection for specially crafted OpenType font files (.otf) that when opened via Fontview.exe could cause Windows to restart.

TrojanDownloader:BAT/Lnkget.AO is a malicious Windows Shortcut File (.LNK) that attempts to download and run a file from a certain website.

Exploit:Win32/CVE-2010-3654.A is a detection for files that exploit a vulnerability in Adobe Flash Player version 10 through 10.1.85.3, and in Adobe Reader and Acrobat version 9 through 9.4. The vulnerability is tracked using the CVE identifier CVE-2010-3654.

Exploit:SWF/Blacole.A is a detection for malicious code within specially crafted Adobe Shockwave flash (.SWF) files. The malicious files are commonly distributed via an exploit kit, known as "Blackhole", within compromised webpages. The malware is capable of redirecting a web browser to another specified website and downloading and executing arbitrary files.

Exploit:SWF/Blacole.E is the detection for malicious code within specially crafted Adobe Shockwave Flash (.SWF) files. The malicious files are commonly distributed via an exploit kit, known as "Blackhole", within compromised webpages. The malware is capable of redirecting a web browser to another specified website and downloading and executing arbitrary files.

Exploit:JS/Blacole.BD is the detection for malicious JavaScript that contains exploit code and is distributed as components of the "Blackhole kit". If the computer runs a vulnerable version of certain software and exploitation is successful, various malware may be downloaded.

Exploit:JS/CVE-2010-0886 is a detection for JavaScript code that exploits a vulnerability in the Java Deployment Toolkit (CVE-2010-0886). The vulnerability allows loading of arbitrary Java code with the user privileges, which may lead to downloading and executing arbitrary files or malware.

Trojan:Java/Selace.B is a detection for a malicious Java class that attempts to compromise the computer it is running on by downloading and executing malware. It is bundled with Exploit:Java/CVE-2008-5353.B in a Java applet and may be executed by Trojan:Java/Selace.A with full privileges ('AllPermissions').

Exploit:Win32/CVE-2009-3129 is the detection for an exploit targeting a Microsoft Excel vulnerability. This vulnerability allows the execution of arbitrary code with the privileges of the currently logged-on user.