SWF/Sorlus.64F6!exploit

Alias/esExploit/CVE-2009-1862, Trojan.Exploit.Pidef!IK, SWF.FlashExploit.D, Exploit.SWF.Agent.bt
Release DateJul 22, 2009
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 12.202
CVE2009-1862
Description

Visible Symptoms

  • The following file may exist:
    • %Windows%\ime\wmimachine2.dll: detected as W32/Bublik.LLD!tr.

    Detailed Analysis


    SWF/Sorlus.64F6!exploit is the detection for the malicious SWF file that attempts to exploit a vulnerability in Adobe Flash Player, as described in the Security Bulletin APSA09-03. The first circulated SWF files have been observed to download and install a Win32 trojan, which is detected as W32/Bublik.A!tr.

    Visit the following links for more information about the vulnerability:
    Description Last Updated Date: Jul 23, 2009
    Reference: ID - 950943