Posts Tagged ‘Pdf Exploit’

Virus AlertMalware Exploit.JS.Pdfka.dmg – This program is an exploit that uses for its execution on a user’s vulnerability in the products of Adobe – Reader and Acrobat.

Technical details

This program is an exploit that uses for its execution on a user’s vulnerability in the products of Adobe – Reader and Acrobat. The file is a XFA (XML Forms Architecture) form, which contains malicious script language Java Script. Has a size of 14,529 bytes.

Destructive activity

Initialize and run malicious content XFA form occurs after opening a specially crafted PDF infected document that contains the form. As an event handler “initialize” in XFA form, use obfuscated malicious script Java Script. After removing the obfuscation, the malware exploits a vulnerability, which is due to a buffer overflow when processing invalid arguments “libtiff.dll” (CVE-2010-0188), to load the file, which is located at: (more…)