F-Secure Malware Information Pages: Exploit:HTML/IESlice.BK

Main Index

Security Guide

F-Secure World Map

Security Alerts

Virus Statistics

Malware Removal Tools

Malware Code Glossary

Submit Malware Sample

Select local site

Main Index » Security Centre » Descriptions

F-Secure Malware Information Pages: Exploit:HTML/IESlice.BK

[Summary] \| [Detailed Description]
Name :	Exploit:HTML/IESlice.BK
Alias:	Exploit.HTML.IESlice.bk, JS/Xunlei.A
Type:	Exploit
Category:	Malware
Platform:	JS

Radar

Summary

Exploit:HTML/IESlice.BK exploits a vulnerability in an ActiveX control used by Xunlei Thunder 5.7.4.401.

Malicious or compromised websites use the exploit to download and execute arbitrary code.

Back to the Top

Detailed Description

Exploit:HTML/IESlice.BK is a script that exploits a heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control used by the pplayer.dll_1_work DLL of Xunlei Thunder 5.7.4.401.

Sucessful exploitation allows the attacker to download and execute arbitrary code on the victim's computer.

Exploitation is done via a malicious webpage containing the detected script.

This vulnerability is under review as CVE-2007-6144.

Exploit:HTML/IESlice.BK will attempt to download a file from the following URL and execute it:

http://9gg.biz/real.exe

The URL was inactive during investigations.

Back to the Top

F-Secure Corporation

Last Modified: April 29, 2008