Bloodhound.Exploit.10

Bloodhound.Exploit.10 is a heuristic detection for a Microsoft Internet Explorer cross-zone scripting exploit. This exploit uses redirection and delayed script injection through a modal dialog box.

This vulnerability was originally reported on June 6, 2004. Refer to http://securityfocus.com/archive/1/365293 for additional information.

The Microsoft update that fixes this vulnerability is described in Microsoft Security Bulletin MS04-025. Cumulative Security Update for Internet Explorer (867801).

Note: We suggest that you submit to Symantec Security Response any files that are detected as Bloodhound.Exploit.10. For instructions on how to do this using Scan and Deliver, read the document How to submit a file to Symantec Security Response using Scan and Deliver.




The discoverer of this exploit is currently unknown. Jelmer provided a public analysis of the issue.

Protection

• Initial Rapid Release version June 10, 2004
• Latest Rapid Release version June 10, 2004
• Initial Daily Certified version October 31, 2007 revision 003
• Latest Daily Certified version June 17, 2008 revision 017
• Initial Weekly Certified release date June 13, 2004

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: 0 - 49
• Number of Sites: 0 - 2
• Geographical Distribution: Low
• Threat Containment: Easy
• Removal: Easy

Damage

• Damage Level: Low

Distribution

• Distribution Level: Low