Author Topic: Site with abuse code...  (Read 2305 times)


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33921
  • malware fighter
Site with abuse code...
« on: June 11, 2010, 11:56:02 PM »
Drive-By Downloads on alivejdani*com
Of the 114 pages we tested on the site, 34 pages resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-06-08, and the last time suspicious content was found on this site was on 2010-06-08.

Malicious software includes 32 scripting exploits, 19 exploits. Successful infection resulted in an average of 1 new process(es) on the target machine.

Malicious software is hosted on 16 domains, including conta-vencedora.pt/, wushu.in.th/, plmag.info/.

4 domains appear to be functioning as intermediaries for distributing malware to visitors of this site, including pop3free.in/, plmag.info/, wushu.in.th/. (last is spam site: see: McAfee Trusted Source)

This site was hosted on 1 network(s) including AS16557 (COLOSOLUTIONS).

Microsoft Data Access Components (MDAC) provide components for database access, including functionality for querying local and remote databases of various formats.

The MDAC RDS.Dataspace ActiveX control is prone to a remote code execution vulnerability. This issue exists because the control fails to behave securely when it is hosted on a web page. Sufficient restrictions are not placed on the control to prevent it from performing privileged actions when hosted remotely.

An attacker could exploit this issue to install programs, view, modify, or delete data, or create new user accounts on the computer... exploitation abuse...

Threats found: 7
Here is a complete list:
Threat Name:    MSIE ADODB.Stream Object File Installation Weakness
Location:    htxp://alivejdani.com/rambler/twiter-2october-07102009soft/international-clock-v5.85.80=download=torrents=32.html avast detects as JS:ShellCode-AF [Expl]
htxp://wepawet.iseclab.org/view.php?hash=e83419f9f7a75fb373f5be649960db71&t=1276293032&type=js
(trying to open last given link will produce an avast alert)
   
Threat Name:    MSIE ADODB.Stream Object File Installation Weakness
Location:    htxp://alivejdani.com/rambler/twiter-2october-07102009soft/vcd-burner-activex-control-v1.0=download=torrents=14.html

   
Threat Name:    MSIE ADODB.Stream Object File Installation Weakness
Location:    htxp://alivejdani.com/rambler/twiter-2october-07102009soft/resize-pictures-plus-v1.0.1-invisible=download=torrents=36.html

   
Threat Name:    MSIE ADODB.Stream Object File Installation Weakness
Location:    htxp://alivejdani.com/rambler/twiter-2october-07102009soft/bestaddress-html-editor-2007-pro-v10.0.0=download=torrents=3.html

   
Threat Name:    MSIE ADODB.Stream Object File Installation Weakness
Location:    htxp://alivejdani.com/rambler/twiter-2october-07102009soft/18-wheels-of-steel-convoy-cheat-codes-rip=download=torrents=21.html

   
Threat Name:    Direct link to MSIE ADODB.Stream Object File Installation Weakness
Location:    hxtp://alivejdani.com/rambler/twiter-2october-07102009soft/idksm-search-engine-indexer-1.4.6=download=torrents=40.html

   
Threat Name:    Direct link to MSIE ADODB.Stream Object File Installation Weakness
Location:    htxp://alivejdani.com/rambler/twiter-2october-07102009soft/eatman-v1.22-plus-5-trainer=download=torrents=16.html

polonus
« Last Edit: June 12, 2010, 12:04:21 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
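
Added example (not part of polonus's post and not code from Avast or any scanner quoted above): a static triage sketch in Python that flags saved page source referencing the two controls named in the post, ADODB.Stream and RDS.DataSpace, by ProgID or CLSID, after undoing simple escape and string-splitting obfuscation. The CLSIDs are the controls' publicly documented values rather than values from the post, and the sample page is constructed.

```python
import re

# ProgID -> CLSID for the two controls named in the post.
# Assumption: CLSIDs are the publicly documented values, not taken from the post.
CONTROLS = {
    "ADODB.Stream": "00000566-0000-0010-8000-00AA006D2EA4",
    "RDS.DataSpace": "BD96C556-65A3-11D0-983A-00C04FC29E36",
}

# \xNN and %NN (two hex digits), \uNNNN and %uNNNN (four hex digits).
_ESCAPE = re.compile(r"(?:\\x|%)([0-9a-fA-F]{2})|(?:\\u|%u)([0-9a-fA-F]{4})")
# Boundary between two adjacent string literals joined with '+'.
_CONCAT = re.compile(r"""["']\s*\+\s*["']""")


def normalize(source, max_passes=5):
    """Undo cheap obfuscation layers: hex/unicode/percent escapes and string
    literals split with '+'. Repeats until the text stops changing."""
    for _ in range(max_passes):
        decoded = _ESCAPE.sub(
            lambda m: chr(int(m.group(1) or m.group(2), 16)), source)
        decoded = _CONCAT.sub("", decoded)
        if decoded == source:
            break
        source = decoded
    return source


def find_controls(source):
    """Return sorted (progid, matched_by) pairs for controls referenced in source."""
    text = normalize(source).lower()
    hits = set()
    for progid, clsid in CONTROLS.items():
        if progid.lower() in text:
            hits.add((progid, "progid"))
        if clsid.lower() in text:
            hits.add((progid, "clsid"))
    return sorted(hits)


# Constructed sample page (not from the reported site): object creation only.
SAMPLE = r"""
<object id="ds" classid="clsid:BD96C556-65A3-11D0-983A-00C04FC29E36"></object>
<script>
var a = new ActiveXObject("ADO" + "DB.S\x74ream");
var b = new ActiveXObject(unescape("%52DS.Data" + 'Space'));
</script>
"""

if __name__ == "__main__":
    for progid, how in find_controls(SAMPLE):
        print(f"{progid}: referenced by {how}")
```

A hit only means the page references the control; whether that is exploitable depends on the client's patch level and whether the control's kill bit is set.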

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37549
  • Not a avast user
Re: Site with abuse code...
« Reply #1 on: June 12, 2010, 12:57:23 AM »

Offline polonus

Re: Site with abuse code...
« Reply #2 on: June 12, 2010, 01:05:51 AM »
Hi Pondus,

That is good to know for those who are vulnerable and did not patch for this vulnerability.
Secunia PSI is a tool to use...

polonus