Exploit.SWF.Gen
MEDIUM
MEDIUM
846
Symptoms
The presence of some Trojan.PWS files and an outdated version of FlashPlayer
Removal instructions:
This file can't be disinfected. Just keep the shield up. Please let BitDefender disinfect your computer (if the exploit succeeded, there is a 99% chance that you have a Trojan.PWS on your computer).
Analyzed By
Alexandru Maximciuc, virus researcher
Technical Description:
Specially crafted SWF (Flash) files allow remote file execution when the client has a vulnerable FlashPlayer. A malformed value in an SWF record triggers a buffer overflow. The size of the SWF files varies. The payload is usually download-and-execute shellcode, used to download and run a PasswordStealer trojan. It seems that all versions of FlashPlayer up to 9.0.124.0 are vulnerable (though we saw malicious pages trying to exploit only versions 115 and 47). We recommend keeping FlashPlayer up to date. Also, keep the BitDefender shield active.
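To show what an SWF record is and how a parser should bound its declared length, here is an added example (not BitDefender's detection logic and not a signature for this exploit) that walks the record stream of an SWF file and reports structural inconsistencies. The function names, the sample builder and tag code 777 are hypothetical and constructed for the illustration; the record header layout follows the published SWF file format.

```python
import struct
import zlib

def walk_swf_records(data: bytes):
    """Walk SWF records; return (records, findings).
    records: (tag_code, declared_length, offset_in_body); findings: problem strings."""
    if len(data) < 9 or data[:3] not in (b"FWS", b"CWS"):
        raise ValueError("not an FWS/CWS SWF file")
    findings = []
    file_length = struct.unpack_from("<I", data, 4)[0]
    # CWS: everything after the 8-byte header is zlib-compressed.
    body = zlib.decompress(data[8:]) if data[:3] == b"CWS" else data[8:]
    if not body:
        raise ValueError("empty SWF body")
    if file_length != 8 + len(body):
        findings.append(f"FileLength {file_length} != actual size {8 + len(body)}")
    # FrameSize RECT: 5-bit Nbits, then four Nbits-wide fields, padded to a byte.
    pos = (5 + 4 * (body[0] >> 3) + 7) // 8
    pos += 4  # FrameRate (u16) + FrameCount (u16)
    records = []
    while pos + 2 <= len(body):
        start = pos
        header = struct.unpack_from("<H", body, pos)[0]
        pos += 2
        code, length = header >> 6, header & 0x3F  # 10-bit tag code, 6-bit length
        if length == 0x3F:  # long header: the real length is the next 32 bits
            if pos + 4 > len(body):
                findings.append(f"record at {start}: truncated long header")
                break
            length = struct.unpack_from("<I", body, pos)[0]
            pos += 4
        records.append((code, length, start))
        if length > len(body) - pos:  # never trust a length past the end of the data
            findings.append(f"record at {start} (tag {code}): declared length "
                            f"{length} exceeds {len(body) - pos} bytes remaining")
            break
        pos += length
        if code == 0:  # End tag terminates the record stream
            break
    if not records or records[-1][0] != 0:
        findings.append("record stream does not finish with an End tag")
    return records, findings

def build_sample(declared_length: int, payload: bytes) -> bytes:
    """Constructed input: one long-header record (tag 777, arbitrary) plus End tag."""
    body = bytes([0x00]) + struct.pack("<HH", 12 << 8, 1)  # Nbits=0 RECT, 12 fps, 1 frame
    body += struct.pack("<HI", (777 << 6) | 0x3F, declared_length) + payload
    body += struct.pack("<H", 0)  # End tag
    return b"FWS" + bytes([9]) + struct.pack("<I", 8 + len(body)) + body
```

A clean result only means the record lengths are consistent with the file size; a malformed value inside a record's payload passes this check.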