Exploit:Java/CVE-2010-0094.T is the detection for files that exploit a vulnerability which affects the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.

Exploit:Java/CVE-2010-0094.AA is the detection for malicious Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.

Exploit:Java/CVE-2010-0840.Z is a detection for a malicious Java class that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to remote code execution.

Exploit:Win32/CVE-2010-3971 is the detection for a vulnerability in Internet Explorer discussed in the following articles:

 

 

Exploit:Win32/CVE-2010-3970 is the detection for a file that exploits a vulnerability in the Windows Graphics Rendering Engine (GRE). An attacker who successfully exploits this vulnerability could run arbitrary code in the security context of the logged-on user. Exploitation can occur by simply browsing to a folder containing the malicious file. No further user interaction is required. More information about the vulnerability is available in the following articles:

 

Exploit:Java/CVE-2010-0840.AY is a detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to arbitrary code execution.

Exploit:JS/CVE-2010-0806.B is a detection for malicious JavaScript that attempts to exploit a vulnerability discussed in CVE-2010-0806 and mitigated in Microsoft Security Bulletin MS10-018 released in March 2010. By exploiting this vulnerability, an attacker may be able to execute remote arbitrary code on a vulnerable computer.

Exploit:Java/CVE-2010-3552.A is a detection for HTML code that uses a certain Java plug-in to exploit a vulnerability in Java described in CVE-2010-3552, otherwise known as the Java Skyline exploit. Successful exploitation leads to remote code execution.

Exploit:Java/CVE-2010-0840.DB is a detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation may lead to the downloading and execution of arbitrary files under the user's security context.

Exploit:Java/CVE-2010-0840.DU is a detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to remote code execution.

Exploit:Java/CVE-2010-0840.DW is the detection for a malicious and obfuscated Java class that exploits the vulnerability described in CVE-2010-0840. Successful exploitation may lead to the download and execution of arbitrary files within the user's security context.

Exploit:Java/CVE-2010-0840.DN is the detection for a malicious and obfuscated Java class that exploits the vulnerability in Java described in CVE-2010-0840. Successful exploitation leads to remote code execution.

Exploit:Win32/CVE-2010-2572.A is the detection for specially-crafted Microsoft Powerpoint files that exploit a vulnerability addressed by Microsoft Security Bulletin MS10-088. This vulnerability may allow attackers to execute arbitrary code that can drop files, install programs or modify data without the user's knowledge or consent.

Exploit:Java/CVE-2010-0840.MB is a detection for malicious Java applets that exploit the vulnerability described in CVE-2010-0840. Successful exploitation may lead to the downloading and execution of arbitrary files under the user's security context.

Exploit:Win32/CVE-2010-0817 is the detection for a file that may try to exploit a cross-site scripting (XSS) vulnerability in the file "help.aspx" in Microsoft SharePoint Server 2007.

Exploit:Win32/CVE-2010-2883.A is a generic detection for specially-crafted PDF files that attempt to exploit the Acrobat SING Table Handling vulnerability CVE-2010-2883. Successful exploitation may lead to denial of service or execution of arbitrary code.