Exploit:Win32/Pdfjsc.X is a detection for a Portable Document Format (PDF) file that exploits one or more PDF vulnerabilities. When opened using vulnerable versions of Adobe Acrobat or Adobe Reader, Exploit:Win32/Pdfjsc.X exploits the vulnerabilities tracked in CVE-2007-5659 and CVE-2008-2992. Successful exploitation of the vulnerability activates the contained payload.

Exploit:Win32/Pdfjsc.Y is a detection for malicious PDF files that attempt to exploit the heap corruption vulnerability in a component (U3D) in Adobe Reader and Acrobat 10.1.1 and earlier, described in CVE-2011-2462. An attacker may create specially-crafted malicious PDF files to trigger the memory corruption, and possibly execute arbitrary code to run malicious JavaScript and shellcode. It may also connect to remote websites.

Exploit:Win32/Pdfjsc.D is the detection for a PDF file that exploits several PDF (Portable Document Format) vulnerabilites.

Exploit:Win32/Pdfjsc.J is a detection for specially-crafted PDF files that target software vulnerabilities in Adobe Acrobat and Adobe Reader. Once the malformed PDF files are opened by vulnerable versions of Adobe Acrobat and Reader, the embedded JavaScript loads the exploit. The exploit may execute arbitrary code of the attacker's choice, however, it is often used to download and execute additional malware on the affected computer.

TrojanDownloader:Win32/Stalni.gen is a generic detection for the payload delivered by the threats detected as Exploit:Win32/Pdfjsc.A, and Exploit:JS/Pdfcmi.A. This malicious code may be executed due to a vulnerability in Acrobat Reader version 8.1.1 (or earlier).

Exploit:JS/Pdfcmi.A is a detection for a specially crafted JavaScript code, embedded in a malformed Portable Document Format (PDF) file, that will take advantage of a buffer overflow vulnerability in Adobe Reader version 8.1.1, and earlier.

Exploit:Win32/Pdfjsc.GR is a detection for specially-crafted PDF files that target software vulnerabilities in Adobe Acrobat and Adobe Reader. Once the malformed PDF files are opened by vulnerable versions of Adobe Acrobat and Reader, the embedded JavaScript is executed and loads the exploit.

 

 

Exploit:Win32/Pdfjsc.NJ is the detection for a PDF file that contains an obfuscated JavaScript. This JavaScript exploits certain vulnerabilities, such as CVE-2010-0188, in Adobe Acrobat and Adobe Reader, allowing it to download arbitrary files into the affected computer.

Exploit:Win32/Pdfjsc.OL is the detection for malicious Portable Document Format (PDF) files that contain an obfuscated JavaScript. These files exploit a vulnerability in Adobe Acrobat and Adobe Reader that allows it to download and execute arbitrary files. The vulnerability is discussed in the following links:

• CVE-2010-0188
• APSB10-07

Exploit:Win32/Pdfjsc.AD is the detection for a PDF file that exploits several PDF (Portable Document Format) vulnerabilities. It runs another malware that connects to a remote Web site, possibly to download other malware.