Malware type: Exploit

Aliases: Downloader(Symantec), Mal/JSShell-B(Sophos), Exploit.JS.Agent.ar(Kaspersky), HTML/Shellcode.Gen(Avira), HTML/IFrameBoF (exact)(F-Prot), JS/Exploit-BO.gen(McAfee)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Description: 

This is the detection of Trend Micro for specially crafted HTML scripts that exploit certain vulnerabilities in Yahoo! Music Jukebox functions.

It also takes advantage of a zero-day exploit for the Lianzong Game Platform, a popular Chinese gaming platform.

Successfully exploiting the said vulnerabilities can allow remote users to issue commands on the affected system, or download malicious files from an unknown site.

For additional information about this threat, see:
Solution
Technical Details

Description created: Feb. 5, 2008 11:42:20 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.