1. /
  2. Security Response/
  3. JS.Qspace

JS.Qspace

Risk Level 1: Very Low

Discovered:
December 3, 2006
Updated:
February 13, 2007 1:02:35 PM
Also Known As:
JS_QSPACE.A [Trend Micro], JS/QSpace [McAfee]
Type:
Worm
Systems Affected:
Other


JS.Qspace is a JavaScript based worm that exploits an XSS vulnerability in the MySpace Web service. It also attempts to steal MySpace user credentials and modifies MySpace users profile in order to spread.


Antivirus Protection Dates

  • Initial Rapid Release version December 3, 2006
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version December 3, 2006
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date December 6, 2006
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low

Distribution

  • Distribution Level: Medium
Writeup By: Elia Florio

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver