Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Js_realplay.j

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Js_realplay.j
# 1  
Old 12-25-2007
Js_realplay.j
This exploit is hosted on a Web site and runs when a user accesses the said Web site.
It takes advantage of a known vulnerability in several versions of the media player RealPlayer that causes a stack overflow and allows the download of possibly malicious files on the affected system.
Before exploiting the abovementioned vulnerability, this exploit first checks if the affected machine is running Windows 2000 or Windows XP with Internet Explorer 6 or 7. It also checks if RealPlayer is installed on the system and what version of the player is installed to determine the first few bytes of shell code that it writes on the affected system.
Once it successfully exploits the said vulnerability, this exploit connects to a certain URL to download a malicious file which is detected by Trend Micro as PE_MUMAWOW.AO-O. As a result, malicious routines of the downloaded file may be exhibited on the affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT REDHAT

xmdropsiteconfigurestackingorder

XmDropSiteConfigureStackingOrder(library call)							    XmDropSiteConfigureStackingOrder(library call)

NAME

       XmDropSiteConfigureStackingOrder -- A Drag and Drop function that reorders a stack of widgets that are registered drop sites

SYNOPSIS

       #include <Xm/DragDrop.h>
       void XmDropSiteConfigureStackingOrder(
       Widget widget,
       Widget sibling,
       Cardinal stack_mode);

DESCRIPTION

       XmDropSiteConfigureStackingOrder changes the stacking order of the drop site specified by widget. The stacking order controls the manner in
       which drag-under effects are clipped by overlapping siblings, regardless of whether they are active. The stack mode is relative	either	to
       the entire stack, or to another drop site within the stack. The stack order can be modified only if the drop sites are siblings in both the
       widget and drop site hierarchy, and the widget parent of the drop sites is registered as a composite drop site.

       widget	 Specifies the drop site to be restacked.

       sibling	 Specifies a sibling drop site for stacking operations. If specified, then widget is restacked relative to this drop site's  stack
		 position.

       stack_mode
		 Specifies  the  new stack position for the specified widget.  The values are XmABOVE and XmBELOW. If a sibling is specified, then
		 widget is restacked as follows:

		 XmABOVE   The widget is placed just above the sibling.

		 XmBELOW   The widget is placed just below the sibling.

		 If the sibling parameter is not specified, then widget is restacked as follows:

		 XmABOVE   The widget is placed at the top of the stack.

		 XmBELOW   The widget is placed at the bottom of the stack.

       For a complete definition of DropSite and its associated resources, see XmDropSite(3).

RELATED

       XmDropSite(3), XmDropSiteRetrieve(3), and XmDropSiteQueryStackingOrder(3).

												    XmDropSiteConfigureStackingOrder(library call)