|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: Trojan-Downloader:JS/Agent.ANI

|
|
|
| Radar |
 |
|
|
|
Summary
|
| Trojan-Downloader:JS/Agent.ANI exploits a vulnerability in a PPStream ActiveX control to download and execute arbitrary code on the exploited system. |
|
|
|
Detailed Description
|
Trojan-Downloader:JS/Agent.ANI exploits a buffer overflow vulnerability in the PowerPlayer.dll ActiveX control in PPStream versions 2.0.1.3829.
It injects a shellcode that downloads and executes arbitrary files.
The downloaded file is saved to the following location:
The vulnerability is referenced as CVE candidate CVE-2007-4748. |
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: April 29, 2008
|
|
|
|
|