Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Js_dloadr.gq

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Js_dloadr.gq
# 1  
Old 07-26-2008
Js_dloadr.gq
This JavaScript may be hosted on a Web site and run when a user accesses the said Web site. Once a user visits the Web site hosting this malware, it downloads a file.

It takes advantage of the vulnerability in Microsoft Data Access Components (MDAC). That allows the scripts to download and execute malicious files.

More information of the said vulnerability is available in the following Web site:

Microsoft Security Bulletin MS06-014
It uses Microsoft.XMLHTTP object with CLSID BD96C556-65A3-11D0-983A-00C04FC29E36 and ADODB.Stream objects to download the file.

The Microsoft.XMLHTTP object is one of Microsoft's suite of XML DOM (Document Object Model) components that are initially designed to provide client-side access to XML documents on remote servers through the HTTP protocol. The said object is used to request or send any type of document.

The ADODB.Stream object is used to read, write, and manage a stream of binary data or text. Note that VBScript and JavaScript do not usually have capabilities to read and write files because they are programmed as safe client-side programming languages. To work with files, the use of a built-in or external ActiveX or COM object, such as Microsoft.XMLHTTP and ADODB.Stream objects, is required.



More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

wnintro

WNINTRO(1WN)						      WordNettm User Commands						      WNINTRO(1WN)

NAME

       wnintro - WordNet user commands

SYNOPSIS

       wn - command line interface to WordNet database

       wnb - window based WordNet browser

DESCRIPTION

       This  section  of the WordNet Reference Manual contains manual pages that describe commands available with the various WordNet system pack-
       ages.

       The WordNet interfaces wn(1WN) and wnb(1WN) allow the user to search the WordNet database and display the information textually.

ENVIRONMENT VARIABLES (UNIX)
       WNHOME		   Base directory for WordNet.	Default is /usr/local/WordNet-3.0.

       WNSEARCHDIR	   Directory in which the WordNet database has been installed.	Default is WNHOME/dict.

REGISTRY (WINDOWS)
       HKEY_LOCAL_MACHINESOFTWAREWordNet3.0WNHome
			   Base directory for WordNet.	Default is C:Program FilesWordNet3.0.

SEE ALSO

       grind(1WN), wn(1WN), wnb(1WN), wnintro(3WN), wnintro(5WN), wnintro(7WN).

       Fellbaum, C.(1998), ed.  "WordNet: An Electronic Lexical Database".  MIT Press, Cambridge, MA.

AVAILABILITY

       WordNet has a World Wide Web site at http://wordnet.princeton.edu.  From this web site users can learn about the WordNet project, run  sev-
       eral different interfaces to the WordNet database, and download various WordNet system packages and "Five Papers on WordNet".

WordNet 3.0							     Dec 2006							      WNINTRO(1WN)