Exploit-CVE2008-2463

This page shows details and results of our analysis on the malware Exploit-CVE2008-2463

Download Current DAT: 6617

Threat Detail

Malware Type: Trojan

Malware Sub-type: Exploit

Discovery Date: 2008-07-22

Next Steps:

Overview
Characteristics
Symptoms
Method of Infection

Overview

Exploit-CVE2008-2463 is a detection for Snapshot Viewer ActiveX control (http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx) vulnerability in Microsoft Access.

Minimum DAT

5344 (2008-07-22)

Updated DAT

5504 (2009-01-23)

Minimum Engine

5.2.00

File Length

N/A

Description Added

2008-07-22

Description Modified

2009-01-27

Malware Proliferation

Characteristics

Exploit-CVE2008-2463 is a detection for Snapshot Viewer ActiveX control (http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx) vulnerability in Microsoft Access.
This exploit affects Microsoft Office Snapshot Viewer ActiveX control (snapview.ocx) found in Microsoft Office 2000/2003/XP and allows a remote attacker to download and execute arbitrary files on system if the victim opens a specially crafted web page.
An attacker who successfully exploited this vulnerability could gain complete control of the system.

Symptoms

This detection is sufficiently generic, such that it can cover a number of threats that contain the exploit code. Therefore, it is not possible to describe specific symptoms or details about system changes that can occur from this threat. However, simply seeing this detection does not mean that any exploit code was run at all as such exploit code could only run on a vulnerable system.
Additionally some exploits simply cause Internet Explorer to crash and nothing more.

Method of Infection

The infection will happen when the user access a specially crafted malicious web site.