Skip to main content
Skip to main content
Microsoft Security Intelligence
500 entries found. Displaying page 7 of 25.
Updated on Apr 11, 2011
Exploit:Java/CVE-2010-0094.A is the detection for files that exploit a vulnerability which affects the Java Runtime Environment(JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
 
The vulnerability can be exploited by malware to gain access to a user's computer to download and install malicious programs. The malware installation may occur when a malicious Java applet is executed by a vulnerable JRE. This scenario can occur when a user visits a malicious webpage that hosts such an applet. Note that a number of legitimate websites could be compromised or unwillingly host a malicious applet through advertising frames which could redirect to or host a malicious Java applet.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/CVE-2010-1885.A is a detection for a cross-site scripting method that exploits a vulnerability (CVE-2010-1885) in Windows Help and Support Center that could allow an attacker to run arbitrary code on the local computer.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2010-0094.N is the detection for files that exploit a vulnerability which affects the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
 
The vulnerability can be exploited by malware to gain access to a user's computer to download and install malicious programs. The malware installation may occur when a malicious Java applet is executed by a vulnerable JRE. This scenario can occur when a user visits a malicious webpage that hosts such an applet. Note that a number of legitimate websites could be compromised or unwillingly host a malicious applet through advertising frames which could redirect to or host a malicious Java applet.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2010-0842.G is a Java-based trojan that exploits the CVE-2010-0842 vulnerability, also known as Sun Java Runtime Environment (JRE) MIDI File metaEvent Remote Code Execution Vulnerability.
 
The vulnerability exploits a failure to check for boundary conditions when parsing metaEvent structure by the MixerSequencer handling code.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/CVE-2010-4398 is a detection for exploit code that attempts to exploit a vulnerability discussed in CVE-2010-4398. Successful exploitation could allow allows local users to gain privileges and bypass the User Account Control (UAC) feature of Windows.
Alert level: severe
Updated on Nov 22, 2011

Exploit:Java/CVE-2010-0842.P is a detection for a malicious and encrypted Java class that exploits the vulnerability described in CVE-2010-0842, also known as the "Sun Java Runtime Environment (JRE) MIDI File metaEvent Remote Code Execution Vulnerability". When a user visits a website that contains the malware using a system that has a vulnerable version of Sun Java, security checks may be bypassed which could allow arbitrary code execution.

Alert level: severe
Updated on Dec 16, 2011

Exploit:Win32/CVE-2010-1885 is a detection for a cross-site scripting method that exploits a vulnerability in Windows Help and Support Center that could allow an attacker to run arbitrary code on the affected computer.

Alert level: severe
Updated on Apr 11, 2011
This is a detection for a malicious JavaScript that attempts to exploit a vulnerability in the web browser Firefox versions 3.6.8, 3.6.9, 3.6.10 and 3.6.11 as discussed in CVE-2010-3765. The exploit could download and execute arbitrary code. In the wild, this exploit is known to download and execute Backdoor:Win32/Belmoo.A.
Alert level: severe
Updated on May 11, 2011

Exploit:Java/CVE-2010-0094.DB is a Java based malware that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive, and makes it possible for untrusted code to gain the user's security context privileges.

Alert level: severe
Updated on Apr 10, 2012

Exploit:Java/CVE-2010-0842 is a detection name for Java malware that exploits a vulnerability discussed in CVE-2010-0842. Successful exploitation of the vulnerability could lead to the execution of arbitrary code.

Alert level: severe
Updated on May 06, 2011

Exploit:Win32/CVE-2010-3962.B is the detection for a Javascript that attempts to exploit a vulnerability in Internet Explorer.

Alert level: severe
Updated on Apr 11, 2011
Exploit:JS/CVE-2010-0806 is a detection for specially crafted JavaScript that is designed to attempt to exploit the reported vulnerability described by Microsoft Security Advisory 981374.
 
Internet Explorer 8 on Microsoft Windows 2000 Service Pack 4 is not affected by this vulnerability. Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable.
Alert level: severe
Updated on Oct 08, 2012

Java/CVE-2010-0094.BL is a Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system outside its "sandbox" environment. It is discussed in CVE-2010-0094.

If you visit a website containing the malicious code while using a vulnerable version of JavaExploit:Java/CVE-2010-0094.BL  is loaded. It then attempts to download and execute files from a remote host/URL. The files that are downloaded and executed could be any of the attacker's choice and could include additional malware.

Alert level: severe
Updated on Apr 11, 2011
Exploit:Java/CVE-2010-0094.DH is a Java based vulnerability which affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive. The vulnerability makes it possible for untrusted code to gain full privileges at the level of the user's browser security scope.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/CVE-2010-3654.A is a detection for files that exploit a vulnerability in Adobe Flash Player version 10 through 10.1.85.3, and in Adobe Reader and Acrobat version 9 through 9.4. The vulnerability is tracked using the CVE identifier CVE-2010-3654.
Alert level: severe
Updated on Jul 04, 2011

Exploit:Java/CVE-2010-0842.N is a detection for a malicious Java class that exploits a vulnerability discussed in CVE-2010-0842.

Alert level: severe
Updated on Apr 27, 2011
Exploit:Java/CVE-2010-0842.A is a detection for Java malware that exploits a vulnerability discussed in CVE-2010-0842. Successful exploitation of the vulnerability could lead to the execution of arbitrary code.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/CVE-2010-3962.A is a detection for a specially-crafted HTML script that is designed to attempt to exploit the reported vulnerability described by Microsoft Security Advisory 2458511. The vulnerability affects Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8. By exploiting this vulnerability, an attacker may be able to execute arbitrary code on a vulnerable computer.
Alert level: severe
Updated on Apr 11, 2011
Exploit:Win32/CVE-2010-3620 is a detection for malformed PDF files that attempt to exploit a vulnerability in certain Adobe Acrobat and Adobe Reader versions. The vulnerability allows an attacker to execute arbitrary code via a specially-crafted image.
Alert level: severe
Updated on May 24, 2011

Exploit:HTML/CVE-2010-4452.A is the detection for an HTML file that exploits a vulnerability in Java described in CVE-2010-4452.

Alert level: severe