CVE-2013-5330 (Flash) in an unknown Exploit Kit fed by high rank websites
Jump to navigation
Jump to search
(Publication) Google search: [1]
| CVE-2013-5330 (Flash) in an unknown Exploit Kit fed by high rank websites | |
|---|---|
| Botnet | Lurk |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2014 / 2014-02-02 |
| Editor/Conference | Kafeine |
| Link | http://malware.dontneedcoffee.com/2014/02/cve-2013-5330-flash-in-unknown-exploit.html (Archive copy) |
| Author | Kafeine |
| Type | Blogpost |
Abstract
“ Trying to figure out which CVE it could be based on those version number I end up with :
CVE-2012-0779 & CVE-2012-1535 as candidates...or something newer with server side block to avoid making too much noise.
I asked for help and Timo Hirvonen from F-Secure figure out it was CVE-2013-5330. That one was patched the 2013-11-12 with the CVE-2013-5329 which appeared recently in Angler EK
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1393,
editor = {Kafeine},
author = {Kafeine},
title = {CVE-2013-5330 (Flash) in an unknown Exploit Kit fed by high rank websites},
date = {02},
month = Feb,
year = {2014},
howpublished = {\url{http://malware.dontneedcoffee.com/2014/02/cve-2013-5330-flash-in-unknown-exploit.html}},
}