|Detected||Aug 27 2010 08:50 GMT|
|Released||Aug 27 2010 17:30 GMT|
|Published||Apr 04 2011 14:04 GMT|
This exploit uses a vulnerability in Sun Microsystems Java (CVE-2009-3867). It is a Java class file. It is 3412 bytes in size.
This exploit is a Java applet. It is launched from an infected HTML page using the "<APPLET>" tag. This exploit includes a class file named "seopack", which exploits vulnerability CVE-2009-3867 (CVE-2009-3867). The vulnerable "MidiSystem.getSoundbank" function is called with a string parameter of a certain length. This causes buffer overflow and launches the shell code. This shell code's byte sequence is created from data, sent to the applet in "sc" and "np" parameters of the "<APPLET>" tag.
If your computer does not have antivirus protection and has been infected by this malicious program, follow the instructions below to delete it:
Exploits are programs that contain data or executable code which take advantage of one or more vulnerabilities in software running on a local or remote computer for clearly malicious purposes.
Often, malicious users employ an exploit to penetrate a victim computer in order to subsequently install malicious code (for example, to infect all visitors to a compromised website with a malicious program). Additionally, exploits are commonly used by Net-Worms in order to hack a victim computer without any action being required from the user.
Nuker programs are notable among exploits; such programs send specially crafted requests to local or remote computers, causing the system to crash.