Clicky

Pages

Thursday, April 21, 2011

Apr 21 CVE-2011-0611 PDF - SWF CNO Guidance from yasmeen_omran@hotmail.com 65.49.2.153


Common Vulnerabilities and Exposures (CVE)number

CVE-2011-0611 -- Adobe Flash Player 10.2.153.1 and earlier for Windows, Macintosh, Linux, and Solaris; 10.2.154.25 and earlier for Chrome; and 10.2.156.12 and earlier for Android; Adobe AIR 2.6.19120 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.3 and 10.x through 10.0.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, related to a size inconsistency in a "group of included constants," object type confusion, and Date objects, as demonstrated by a .swf file embedded in a Microsoft Word document, and as exploited in the wild in April 2011.

  General File Information

File Name: CNO_Guidance.pdf

MD5: 63482fff87b0cc16378eac28786017ad
SHA1: 60805758d2289b5c57865f819f9c7ea4a40d4990
SHA256: 0c3628d9bbd132695d49be965aa3c4d3e40af25c748788c06d055344a42bf552
File size: 214003 bytes
File Type: PDF
Distribution: Email attachment

Download


Original Message


 From: yasmeen omran [mailto:yasmeen_omran@hotmail.com]
Sent: Thursday, April 21, 2011 9:27 AM
To: xxxx
Subject: CNO Guidance.

CNO Guidance.

Call me as soon as you review the file.

Col Terry

read more...

Message Headers


Received: (qmail 551 invoked from network); 21 Apr 2011 13:27:09 -0000
Received: from col0-omc3-s2.col0.hotmail.com (HELO col0-omc3-s2.col0.hotmail.com) (65.55.34.140)
  by XXXXXXXXXXXXXXX; 21 Apr 2011 13:27:09 -0000
Received: from COL122-W39 ([65.55.34.135]) by col0-omc3-s2.col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675);
     Thu, 21 Apr 2011 06:27:09 -0700
Message-ID:  COL122-W39281F057B531B8C6894D487920@phx.gbl
Return-Path: yasmeen_omran@hotmail.com
Content-Type: multipart/mixed;
    boundary="_8591d107-bb85-4feb-bad0-942d052a961d_"
X-Originating-IP: [65.49.2.153]
From: yasmeen omran
To: XXXXXXXXXXXXX
Subject: CNO Guidance.
Date: Thu, 21 Apr 2011 15:27:08 +0200
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 21 Apr 2011 13:27:09.0059 (UTC) FILETIME=[D09D3530:01CC0027]


Sender

Hostname:    65.49.2.153
ISP:    Hurricane Electric
Organization:    Sophidea
Proxy:    Confirmed proxy server. 
Country:    Anonymous Proxy
 




Automated Scans

CNO_Guidance.pdf
 http://www.virustotal.com/file-scan/report.html?id=0c3628d9bbd132695d49be965aa3c4d3e40af25c748788c06d055344a42bf552-1303393717

AhnLab-V32011.04.21.012011.04.21SWF/Exploit
AntiVir7.11.6.2242011.04.21EXP/CVE-2011-0611.A
Avast4.8.1351.02011.04.21JS:Pdfka-gen
Avast55.0.677.02011.04.21JS:Pdfka-gen
BitDefender7.22011.04.21Exploit.PDF-JS.Gen
F-Secure9.0.16440.02011.04.21Exploit.PDF-JS.Gen
GData222011.04.21Exploit.PDF-JS.Gen
Kaspersky7.0.0.1252011.04.21Exploit.SWF.CVE-2011-0611.c
McAfee-GW-Edition2010.1D2011.04.20Heuristic.BehavesLike.Exploit.PDF.CodeExec.NLMM
NOD3260612011.04.21PDF/Exploit.Gen
Panda10.0.3.52011.04.20Exploit/PDF.Gen.B
MD5: 63482fff87b0cc16378eac28786017ad
SHA1: 60805758d2289b5c57865f819f9c7ea4a40d4990
SHA256: 0c3628d9bbd132695d49be965aa3c4d3e40af25c748788c06d055344a42bf552
File size: 214003 bytes
Scan date: 2011-04-21 13:48:37 (UTC)


Posted by Mila at 11:27 AM Tags:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
Home