Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: New PowerPoint 0-day Trojan in the wild

New PowerPoint 0-day Trojan in the wild

From: Juha-Matti Laurio <juha-matti.laurio_at_netti.fi>
Date: Tue, 19 Sep 2006 15:57:36 +0300 (EEST)

New zero-day vulnerability in Microsoft PowerPoint has been disclosed.

This vulnerability is being exploited by Trojan horse Trojan.PPDropper.E.
This dropper type file reportedly works in all Windows systems,
but the vulnerability itself has been confirmed in PowerPoint 2000 Chinese version.
Possibly attackers/targets are located in China area or bad guys just tested the Trojan with Chinese version.

According to Symantec the exact file size of malicious .PPT file is 1,072,128 bytes.
It drops another Trojan with backdoor capacity.

I put information about the vulnerability to my blog yesterday. There are no many references available yet.
Especially information about file name being used is very useful.

- Juha-Matti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Sep 19 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]