Content
JS/Exploit-WkImgSrv
- Type
- Trojan
- SubType
- Exploit
- Discovery Date
- 04/17/2008
- Length
- Minimum DAT
- 5277 (04/18/2008)
- Updated DAT
- 5277 (04/18/2008)
- Minimum Engine
- 4.4.00
- Description Added
- 04/17/2008
- Description Modified
- 04/17/2008 4:42 PM (PT)
Tab Navigation
Characteristics
This is a detection for an exploit for a vulnerability in Microsoft Works. The ActiveX object WkImgSrv.dll contains a function that can be overflowed by an out of range value, which could lead to arbitrary code execution.
The potential exposure for the exploit is low, because Microsoft Works needs to already be installed, and the control is not marked Safe For Scripting by default.
Symptoms
If the exploit is successful, arbitrary code could be executed, which could perform any action the user has the permissions to perform.
Method of Infection
Exploits an integer overflow in WkImgSrv.dll
Removal
-
Variants
Variants
N/A
All Information
Overview -
Characteristics
Characteristics -
This is a detection for an exploit for a vulnerability in Microsoft Works. The ActiveX object WkImgSrv.dll contains a function that can be overflowed by an out of range value, which could lead to arbitrary code execution.
The potential exposure for the exploit is low, because Microsoft Works needs to already be installed, and the control is not marked Safe For Scripting by default.
Symptoms
Symptoms -
If the exploit is successful, arbitrary code could be executed, which could perform any action the user has the permissions to perform.
Method of Infection
Method of Infection -
Exploits an integer overflow in WkImgSrv.dll
Removal -
Removal -
-
Variants
Variants -
N/A
