| Vulnerability Name: | CCN-26554 |
| Published: | 2006-05-19 |
| Updated: | 2006-05-19 |
| Summary: | Trojan.Mdropper.H is a Trojan that uses a client/server relationship, where the server component is installed in the victim's system and the remote attacker has control of the client. The server attempts to open a port to allow the client system to connect. Trojan.Mdropper.H exploits an unknown vulnerability in Microsoft Word, and installs Backdoor.Ginwui. Trojan.Mdropper.H could allow a remote attacker to gain unauthorized access to the system or cause the system to crash. |
| CVSS v3 Severity: | |
| CVSS v2 Severity: | |
| Vulnerability Consequences: | Gain Access |
| References: | Source: CCN Type: SANS - Internet Storm Center Targeted attack: Word exploit - Update (NEW) Source: CCN Type: Windows Live Safety Center Web site Windows Live Safety Center Source: CCN Type: McAfee Web site Exploit-OleData.gen Source: CCN Type: F-Secure Trojan Information Pages Ginwui.A Source: CCN Type: BID-18037 Microsoft Word Malformed Object Pointer Remote Code Execution Vulnerability Source: XF Type: UNKNOWN mdropper-h-trojan(26554) Source: CCN Type: ISS X-Force Database Microsoft Word document handling buffer overflow |
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable |
| BACK | |