Search

CVE-2012-4786,MS12-078 The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1,

CVE-2003-0109,CVE-2003-0109,ms03-007 Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute

CVE-2009-0559,MS09-021 Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed

CVE-2012-2539,MS12-079 Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute

CVE-2009-1535,MS09-020 The WebDAV extension in Microsoft Internet Information Services (IIS) allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or

MS09-019,CVE-2009-1141 Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via unspecified DHTML function calls related to a

Description Name: CVE-2015-1635 - Range HTTP Exploit . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of network behavior ...

Description Name: CVE-2016-0128 - Unencrypted Authentication Level - SAMR (Request) . This is Trend Micro detection for SMB2 and DCE-RPC network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The hos...

Description Name: CVE-2012-0394 - APACHE STRUTS EXPLOIT - HTTP(Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type o...

Description Name: CVE-2017-12615 - APACHE TOMCAT Remote Code Execution via JSP Upload - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement....

Description Name: CVE-2017-16943 EXIM Remote Code Execution exploit - SMTP (Request) . This is Trend Micro detection for SMTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibitin...

Description Name: CVE-2017-4933 VMWDynResolution Buffer Overflow Exploit - VNC (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhib...

Description Name: CVE-2018-11776 - APACHE STRUTS RCE EXPLOIT - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this ...

Description Name: CVE-2018-9206 - JQuery Arbitrary File Upload Exploit Attempt - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of netwo...

Internet Account Manager MS Outlook Outlook Express Group Mail Free IncrediMail Windows Mail Windows Live Mail Yahoo! Mail Gmail Facebook It attempts to get stored information such as user names, passwords,

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

This spyware attempts to steal sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the

NOTES: It uses MS Word application icon to trick users that it is a .DOC file. Upon execution, it also drops and opens a decoy document %User Temp%\temp.doc to trick users into thinking that it is a normal

folder to enable its automatic execution at every system startup: %Start Menu%\Programs\Startup\MS office.lnk (Note: %Start Menu% is the current user's Start Menu folder, which is usually C:\Windows\Start

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a