Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Exploit:HTML/IESlice.BK


Aliases:


Exploit:HTML/IESlice.BK

Malware
Exploit
JS

Summary

Exploit:HTML/IESlice.BK exploits a vulnerability in an ActiveX control used by Xunlei Thunder 5.7.4.401.

Malicious or compromised websites use the exploit to download and execute arbitrary code.



Disinfection & Removal

Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details

Exploit:HTML/IESlice.BK is a script that exploits a heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control used by the pplayer.dll_1_work DLL of Xunlei Thunder 5.7.4.401.

Sucessful exploitation allows the attacker to download and execute arbitrary code on the victim's computer.

Exploitation is done via a malicious webpage containing the detected script.

This vulnerability is under review as CVE-2007-6144.

Exploit:HTML/IESlice.BK will attempt to download a file from the following URL and execute it:

  • http://9gg.biz/real.exe

The URL was inactive during investigations.







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.