The following links are being detected by ESET Nod32 as JS/Exploit.CVE-2010-0806 trojan. However, I looked at the js files and i do not see the CVE-2010-0806 exploit in them. They seem to be false positives - some sort of ads scripts.
* hxxp://assets.loomia.com/js/clixdom.js
* hxxp://widget-cache.loomia.com/js/onewidget_clix.js
* hxxp://a.l.yimg.com/a/lib/s5/searchpad_core_metro_js_200911061221.js
File clixdom.js received on 2010.03.30 15:51:37 (UTC)
Result: 1/42 (2.38%)
NOD32 4985 2010.03.30 JS/Exploit.CVE-2010-0806
Result: 1/42 (2.38%)
NOD32 4985 2010.03.30 JS/Exploit.CVE-2010-0806
Let me know if I am wrong.
Thanks -M
P.S. I just found this discussion related to it JS/EXploit.CVE-2010-0806 trojan on Yahoo
This is a false positive and has been corrected by Eset in the latest update to Nod-32. If you do the update(s) you will notice this stops coming up.
ReplyDeleteyep. thanks
ReplyDelete