TROJAN: Byte-Verify in Webpage
This signature detects the Trojan Byte-Verify within an HTML document loaded from a web page. An attacker could exploit the vulnerability in the ByteCode verifier component of Microsoft Virtual Machine to execute arbitrary code with the privileges of the current user.
Extended Description
The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If these operations are performed, it may be possible to escape the security constraints placed on the applet by the JVM. Code execution with the privileges of the victim user may be possible.
Affected Products
Microsoft windows_2000_server
Short Name
TROJAN:BYTE-VERIFY-HTML
Severity
Major
Recommended
False
Recommended Action
Drop
Category
TROJAN
Keywords
Byte-Verify CVE-2003-0111 Webpage bid:6221 in
Release Date
01/05/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5