Security Blog

 

November 3, 2009
Threat Lab Report: Troj.Downloader.JS.Agent.eda

Description of Report (Troj.Downloader.JS.Agent.eda):

This malicious program exploits vulnerability CVE-2008-4728.
The DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control with the CLSID:7F9B30F1-5129-4F5C-A76C-CE264A6C7D10 is prone to some vulnerabilities in the Hummingbird Deployment Wizard. The vulnerabilities are caused due to the DeployRun.DeploymentSetup.1 ActiveX control providing insecure "Run()", "SetRegistryValueAsString()", and "PerformUpdateAsync()" methods. The vulnerabilities allow remote attackers to execute arbitrary programs via the Run() and PerformUpdateAsync() methods, and modify arbitrary registry values via the SetRegistryValueAsString() method.

Affected Version: Hummingbird Deployment Wizard 2008

Posted by: Netgear Threat Lab at 1:34 PM
Categories: Malware , Netgear Threat Lab

No TrackBacks

TrackBack URL: http://prosecure.netgear.com/cgi-bin/mt/mt-tb.cgi/56

Comments

Back to Top

Partner Login

The PowerShift Program puts a world of resources at your fingertips.

Login Page:
http://www.netgear.com/Partners/
Powershift.aspx

Apply to be a Partner:
http://info.netgear.com/forms/powershift

Forget Password:
http://www.netgear.com/Extranet/
ForgotPassword.aspx

In This Section

Categories

 

Recent Posts

 

Monthly Archives

 
 
Lijit Search