This malicious JavaScript may arrive bundled with malware packages as a malware component.It may be downloaded from certain remote sites or be downloaded unknowingly by a user when visiting malicious Web sites.
It takes advantage of the following vulnerabilities found in different software applications to insert iFrame or script tags into Web sites that connect to remote sites and download malicious files:
- MS06-014 - Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562)
- RealPlayer Active X Control Can Cause Stack Overflow
- Ourgame GLWorld ActiveX Control Multiple Buffer Overflow Vulnerabilities
- Stack-based Buffer Overflow in ActiveX control in Ourgame GLWorld Allows Remote Attackers to Execute Arbitrary Code
More...