Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Js_realplay.j

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Js_realplay.j
# 1  
Old 12-25-2007
Js_realplay.j
This exploit is hosted on a Web site and runs when a user accesses the said Web site.
It takes advantage of a known vulnerability in several versions of the media player RealPlayer that causes a stack overflow and allows the download of possibly malicious files on the affected system.
Before exploiting the abovementioned vulnerability, this exploit first checks if the affected machine is running Windows 2000 or Windows XP with Internet Explorer 6 or 7. It also checks if RealPlayer is installed on the system and what version of the player is installed to determine the first few bytes of shell code that it writes on the affected system.
Once it successfully exploits the said vulnerability, this exploit connects to a certain URL to download a malicious file which is detected by Trend Micro as PE_MUMAWOW.AO-O. As a result, malicious routines of the downloaded file may be exhibited on the affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

jifty::web::session::apachesession

Jifty::Web::Session::ApacheSession(3pm) 		User Contributed Perl Documentation		   Jifty::Web::Session::ApacheSession(3pm)

NAME

       Jifty::Web::Session::ApacheSession - Jifty Sessions based on Apache::Session

SYNOPSIS

       In your etc/config.yml, using the Apache::Session::File backend:

	 framework:
	   Web:
	     SessionClass: Jifty::Web::Session::ApacheSession
	     SessionBackend: File
	     SessionOptions:
	       Directory: /tmp/sessions
	       LockDirectory: /var/lock/sessions

       Or with Apache::Session::Memorycached backend:

	 framework:
	   Web:
	     SessionClass: Jifty::Web::Session::ApacheSession
	     SessionBackend: Memorycached
	     SessionOptions: { servers: [ '127.0.0.1:11211' ] }

   new
       Returns a new, empty session handler, subclassing Jifty::Web::Session.

   id
       Returns the session's id if it has been loaded, or "undef" otherwise.

   create
       Creates a new session.

   load [ID]
       Load up the current session from the given "ID", or the appropriate cookie (see "cookie_name" in Jifty::Web::Session) otherwise.

       If both of those fail, creates a session in memory.

   get KEY [TYPE]
       See "get" in Jifty::Web::Session.

   set KEY => VALUE, [TYPE]
       See "set" in Jifty::Web::Session.

   remove KEY, [TYPE]
       See "remove" in Jifty::Web::Session.

   remove_all
       See "remove_all" in Jifty::Web::Session.

   continuations
       See "continuations" in Jifty::Web::Session.

perl v5.14.2							    2010-09-25				   Jifty::Web::Session::ApacheSession(3pm)