Exploit:Java/CVE-2010-0840.EX is the detection for a malicious and obfuscated Java class that exploits the vulnerability described in CVE-2010-0840. Successful exploitation may lead to the download and execution of arbitrary files within the user's security context.

Exploit:Win32/CVE-2010-1885.A is a detection for a cross-site scripting method that exploits a vulnerability (CVE-2010-1885) in Windows Help and Support Center that could allow an attacker to run arbitrary code on the local computer.

Exploit:Java/CVE-2010-0094.N is the detection for files that exploit a vulnerability which affects the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.

 

The vulnerability can be exploited by malware to gain access to a user's computer to download and install malicious programs. The malware installation may occur when a malicious Java applet is executed by a vulnerable JRE. This scenario can occur when a user visits a malicious webpage that hosts such an applet. Note that a number of legitimate websites could be compromised or unwillingly host a malicious applet through advertising frames which could redirect to or host a malicious Java applet.

Exploit:Win32/CVE-2010-4398 is a detection for exploit code that attempts to exploit a vulnerability discussed in CVE-2010-4398. Successful exploitation could allow allows local users to gain privileges and bypass the User Account Control (UAC) feature of Windows.

Exploit:Java/CVE-2010-0840.BC is the detection for a malicious Java applet trojan that exploits a vulnerability described in CVE-2010-0840. Successful exploitation may lead to the downloading and execution of arbitrary files under the user's security context.

Exploit:Java/CVE-2010-0842.G is a Java-based trojan that exploits the CVE-2010-0842 vulnerability, also known as Sun Java Runtime Environment (JRE) MIDI File metaEvent Remote Code Execution Vulnerability.

 

The vulnerability exploits a failure to check for boundary conditions when parsing metaEvent structure by the MixerSequencer handling code.

Exploit:Java/CVE-2010-0840.NT is a malicious Java applet that exploits a vulnerability of privilege escalation in JRE (Java Runtime Environment) versions 5 and 6 as described in CVE-2010-0840. The Java exploit is a component of the "Blackhole" exploit pack and is hosted on compromised web sites.

Windows Defender detects and removes this threat.

This threat uses a vulnerability in your software to download other malware.

It runs when you visit a hacked website and you have a vulnerable version of Java installed on your PC. A number of legitimate websites could be hacked or unwillingly host this threat.

The following versions of Java are vulnerable:

• Oracle Java SE and Java for Business 6 Update 18 and earlier

To check if you're running a vulnerable version of Java:

1. Go to the control panel (Select Start then Control Panel)
2. Select Programs. If Java is installed you will see it in the list of installed programs. Click it to open the Java Control Panel.
3. On the General tab, click About to see which version of Java you have installed.

You might get a detection for this threat if you visit a website that has the malicious code, even if you're not using a vulnerable version of Java. This doesn't mean that you have been hacked; it means someone has tried to hack into your PC.

The vulnerability that this threat exploits is described in CVE-2010-0840.

Exploit:Java/CVE-2010-0840.AV is a detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to arbitrary code execution.

Exploit:Win32/CVE-2010-3962.B is the detection for a Javascript that attempts to exploit a vulnerability in Internet Explorer.

Exploit:JS/CVE-2010-0806 is a detection for specially crafted JavaScript that is designed to attempt to exploit the reported vulnerability described by Microsoft Security Advisory 981374.

 

Internet Explorer 8 on Microsoft Windows 2000 Service Pack 4 is not affected by this vulnerability. Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable.

Exploit:Java/CVE-2010-0840.BK is a detection for a malicious Java applet trojan that exploits a vulnerability described in CVE-2010-0840. Successful exploitation may lead to the downloading and execution of arbitrary files under the user's security context.

Exploit:Java/CVE-2010-0842.N is a detection for a malicious Java class that exploits a vulnerability discussed in CVE-2010-0842.

Exploit:Java/CVE-2010-0840.DV is the detection for a malicious and obfuscated Java class that exploits the vulnerability in Java described in CVE-2010-0840. Successful exploitation leads to remote code execution.

Java/CVE-2010-0094.BL is a Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system outside its "sandbox" environment. It is discussed in CVE-2010-0094.

If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2010-0094.BL  is loaded. It then attempts to download and execute files from a remote host/URL. The files that are downloaded and executed could be any of the attacker's choice and could include additional malware.

Exploit:Win32/CVE-2010-3654.A is a detection for files that exploit a vulnerability in Adobe Flash Player version 10 through 10.1.85.3, and in Adobe Reader and Acrobat version 9 through 9.4. The vulnerability is tracked using the CVE identifier CVE-2010-3654.

Exploit:Java/CVE-2010-0094.DH is a Java based vulnerability which affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive. The vulnerability makes it possible for untrusted code to gain full privileges at the level of the user's browser security scope.