Search
Keyword: ms04-038_internet_explorer
CVE-2010-1247,ms10-038 Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that
adds the following registry keys: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer\InternetRegistry It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet
CVE-2010-2569,CVE-2010-2570,CVE-2010-2571,CVE-2010-3954,CVE-2010-3955 This update resolves vulnerabilities in Microsoft Publisher that could allow remote code execution. An attacker can exploit the
\Microsoft\ Internet Explorer E68896CF = "d646f6e4" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer 73F038F0 = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer E68896CF = "d646f6e9
\CurrentVersion\AppCompatFlags\ Layers HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Policies\ Associations HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\Policies\ Explorer
located.) It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced ShowSuperHidden = "0" It modifies the following registry entries:
following registry keys: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Policies\ System HKEY_LOCAL_MACHINE\Software\Policies\ Microsoft\Internet Explorer\Control Panel HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE\Software\Policies\ Microsoft\Internet Explorer\Control Panel HKEY_CURRENT_USER\Software\Policies\ Microsoft\Internet Explorer\Control Panel It adds the following registry entries: HKEY_LOCAL_MACHINE
following registry keys: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Policies\ System HKEY_LOCAL_MACHINE\Software\Policies\ Microsoft\Internet Explorer\Control Panel HKEY_CURRENT_USER
\Internet Explorer\Control Panel HKEY_CURRENT_USER\Software\Policies\ Microsoft\Internet Explorer\Control Panel It adds the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\Clsid HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}\ ProgID It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer E68896CF = "d639135f
\Microsoft\ Utowt HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\Privacy It adds the following registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Utowt Epapu = "{random values}" HKEY_CURRENT_USER
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
\Programs\WinPcap\WINPCA~1.URL %User Profile%\Internet Explorer\brndlog.bak %User Profile%\Internet Explorer\brndlog.txt %User Profile%\Cookies\index.dat %Application Data%\Microsoft\Media Player\CURREN~1.WMD
%Start Menu%\Programs\WinPcap\UNINST~1.LNK %Start Menu%\Programs\WinPcap\WINPCA~1.URL %User Profile%\Internet Explorer\brndlog.bak %User Profile%\Internet Explorer\brndlog.txt %User Profile%\Cookies
"audio/x-ms-wma" (Note: The default value data of the said registry entry is audio/x-ms-wma .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer\EmbedExtnToClsidMappings\.wma MPlayer2.Set = "yes" (Note: The
"audio/x-ms-wma" (Note: The default value data of the said registry entry is audio/x-ms-wma .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer\EmbedExtnToClsidMappings\.wma MPlayer2.Set = "yes" (Note: The
"audio/x-ms-wma" (Note: The default value data of the said registry entry is audio/x-ms-wma .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer\EmbedExtnToClsidMappings\.wma MPlayer2.Set = "yes" (Note: The
registry entry is audio/aiff .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer\EmbedExtnToClsidMappings\.aif MPlayer2.Set = "yes" (Note: The default value data of the said registry entry is yes .)