CVE-2013-5330 (Flash) in an unknown Exploit Kit fed by high rank websites

From Botnets.fr
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

CVE-2013-5330 (Flash) in an unknown Exploit Kit fed by high rank websites
Botnet Lurk
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2014 / 2014-02-02
Editor/Conference Kafeine
Link http://malware.dontneedcoffee.com/2014/02/cve-2013-5330-flash-in-unknown-exploit.html (Archive copy)
Author Kafeine
Type Blogpost

Abstract

Trying to figure out which CVE it could be based on those version number I end up with :

CVE-2012-0779 & CVE-2012-1535 as candidates...or something newer with server side block to avoid making too much noise.

I asked for help and Timo Hirvonen from F-Secure figure out it was CVE-2013-5330. That one was patched the 2013-11-12 with the CVE-2013-5329 which appeared recently in Angler EK

Bibtex

 @misc{Kafeine2014BFR1393,
   editor = {Kafeine},
   author = {Kafeine},
   title = {CVE-2013-5330 (Flash) in an unknown Exploit Kit fed by high rank websites},
   date = {02},
   month = Feb,
   year = {2014},
   howpublished = {\url{http://malware.dontneedcoffee.com/2014/02/cve-2013-5330-flash-in-unknown-exploit.html}},
 }