ViRobot

Security Info

  • Security Center
    • Virus
  • Security Dictionary
  • Security Service

Threats DB

HTML.S.Iframe.14818

Aliases  
Typical Symptoms  
Discovered  [korea] 0000-00-00
 [Foreign] 0000-00-00
Type  Others ActiveField  java
Destory/Distribution
Origin  others Encryption  NO
Location  Script Memory residence  NO
Scan engine needed
2011-08-20 [Able to detect & repair]
  • Free scan
  • Free trial download
Description

A. Route of Infection

    HTML.S.Iframe.14818 does not spread out as itself, and it is downloaded from hacked site or ARP Spoofing attack.

B. Symptom of Infection

    1) Use vulnerability of UfPBCtrl.dll code execution.

[PIC 1] UfPBCtrl.dll code execution vulnerability

 

    2) Malicious URL is inserted by using Iframe.

[PIC 2] Inserted Iframe

 

    3) Connect to user request page and load the inserted page by iframe.

[PIC 3] Connect to iframe inserted address

 

    4) Malicious files can be downloaded from iframe inserted pages.
Removal Instructions

[How to repair]

Reparable by ViRobot engine ver.2011-08-20.00 or above.
List
Copyright 2008 @ HAURI Inc. All rights reserved. SiteMap