Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » JPEG/Exploit.gen

Overview

Threat Risk NONE NONE
Destructivity NONE NONE
Payload
Detection files published
Description created 11 Oct 2004 02:26:00
Description updated 11 Oct 2004 02:26:00
Malware type TROJAN
Alias
Spreading mechanism
Summary None

JPEG/Exploit.gen

Spreading

There are several vectors that exploited JPEGs can use to infect a system:

Web based. A malicious JPEG could be placed on a website and then executed whenever the page is viewed by a vulnerable browser. E-mail. A malicious JPEG could be executed when viewed with a vulnerable mail client. File browsing. A malicious JPEG can be executed by viewing the folder in which it resides. To date no JPEGs have been discovered that are able to self-replicate, although several ‘trojanised’ JPEGs are in existence. These have included the ability to download and execute malware.

Payload Details

n/a

Analysis

n/a

Removal

All JPEG images that exploit the MS04-028 vulnerability are detected and removed using the engine update released 28-Sept-2004. Write-up by Tom Bonner.


Last Updated: 12 Nov 2015 11:06:15