Virus Detail

JS/CVE-2006-3730!exploit

Date Published:
1 Oct 2006

Last Updated:
1 Oct 2006

Threat Assessment

Overall Risk: None

Wild: None

Destructiveness: None

Pervasiveness: None

Characteristics

Type : Other

Category : HTMLWin32

Also known as: JS.CVE-2006-3730!exploit, JS/Exploit-BO.gen (McAfee), Exploit.HTML.IESlice.c (Kaspersky)

Immediate Protection Info

Signature	Product	Removal Instructions
30.3.3106	eTrust Antivirus v7/8*	View
7.x/2416	eTrust EZ Antivirus 6.4x	View
6.x/10004	eTrust EZ Antivirus 6.x	View
12.4.2416	eTrust EZ Antivirus 7.x	View
10.6x/10004	Vet Anti-Virus 10.6x	View

Tools

Signature file information

Scan for viruses

Submit a Virus Sample

Description

CVE-2006-3730!exploit is a generic detection of web pages which attempt to exploit a vulnerability in the Windows Shell.

This does not necessarily mean that a virus has been found. It merely means that HTML code was found which attempts to activate additional executable code without the user's express permission. This exploit can be used in a malicious web page to execute code of the attacker's choice on the user's machine. Users of Internet Explorer are vulnerable to this exploit.

Microsoft plan to release a security update to address this vulnerability on Tuesday, October 10, 2006. A Security Advisory has been issued here: http://www.microsoft.com/technet/security/advisory/926043.mspx

Note: this detection may be triggered by merely visiting a web page that contains malicious code. It does not necessarily mean your machine has been compromised, nor that your machine is vulnerable to this particular exploit.