Nom:EXP/CVE-2011-3402.B
La date de la découverte:05/12/2012
Type:Exploit
En circulation:Non
Infections signalées Moyen
Potentiel de distribution:Faible
Potentiel de destruction:Faible
Fichier statique:Non
Taille du fichier:~ 4.201 Octets
Version VDF:7.11.52.188 - mercredi 5 décembre 2012
Version IVDF:7.11.52.188 - mercredi 5 décembre 2012

 Général Les alias:
   •  Symantec: Trojan.Gen.2
   •  Kaspersky: Exploit.Win32.CVE-2011-3402.b
   •  Sophos: Troj/DexFont-A


Plateformes / Systèmes d'exploitation:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Effets secondaires:
   • Peut être utilisé pour exécuter un code malveillant
   • Il emploie les vulnérabilités de software
      •  CVE-2011-3402

 Détection spéciale CVE-2011-3402

Description:
The exploit EXP/CVE-2011-3402 is targeting the True-Type-Font parsing engine which is run in kernel-mode. This fact makes this exploit very dangerous as an attacker can gain system level privileges.

An exploit gives the attacker the ability to install programs/drivers, view, change, or delete data or he could create new accounts with full user rights.

In an e-mail scenario the exploit needs user interaction (for instance by opening a malicious word document) to get executed. The discovered exploit comes in the form of a Microsoft word document.

Other possibilities may include using embedded TTF fonts in other types of files such as PDF.

Description inserted by Martin Muench on 30 Aralık 2012 Pazar
Description updated by Martin Muench on 30 Aralık 2012 Pazar

Geri . . . .

© 2013 Avira Operations GmbH & Co. KG. Her hakkı saklıdır.

Hesabım

https:// Bu pencere güvenlik amacıyla şifrelenmiştir.