Closed Bug 688116 Opened 9 years ago Closed 9 years ago
malware site can remotely execute code
User Agent: Mozilla/5.0 (Windows NT 6.0; rv:6.0.2) Gecko/20100101 Firefox/6.0.2 Build ID: 20110902133214 Steps to reproduce: Logged on to http://financeuser-infostore.com/ Actual results: It tried to execute malicious code - intercepted by my AV. I did not click on anything or download anything. Expected results: Nothing.
Contains an iframe hosted at http://wxxhytjujqrtjklttff.cx.cc/main.php?page=6c9ce277482cac0d that uses a Java applet. Saving the file activates Security Essentials that flags this as Exploit:Win32/CVE-2010-1885.A See http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AWin32%2FCVE-2010-1885.A Alan, please make sure your Windows is up to date with security patches then visit https://www.mozilla.org/en-US/plugincheck/ to check your plugins and update any that are out of date, especially Java.
Malicious page is now gone, looks like a known Java exploit.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.