This page is interesting because it uses exploits rather than social engineering to install the malicious code. Below are the details of the exploits / malicious code.
|Original malicious code|
Like many malicious pages, several exploits are included on this page:
- 2 malicious Java applets, using different techniques for Internet Explorer and Firefox
- PDF exploit
- Quicktime '_Marshaled_pUnk' Remote Code Execution Vulnerability
- Heap spray attack
- Internet Explorer MDAC exploit
- Internet Explorer "iepeers.dll" exploit
- 3 Flash exploits
|Part of the code for the Java exploit|
This malicious page tries the different exploits until one is successful. Users need to make sure they keep both their browser and their plugins up to date.