|
Exploit Prevention Labs' Threat Center publishes a monthly Exploit Prevalence Report. This reports measures the top web-borne exploits based on real-world data. The results are derived from automated reports submitted by LinkScanner users in addition to information captured from the company’s network of hunting-pots.
The following is a summary of the top five most-reported web exploits as a percentage of overall exploit occurrences for June 2006:
| Exploit |
% |
Description |
| WebAttacker |
32.09% |
WebAttacker is a Russian-built software application that generates web based exploits. Like a commercial software application, it can be purchased on underground hacker web sites for between $20 and $300, and it requires minimal technical sophistication to use. Updated every few months, just like legitimate commercial software, only it's crimeware. |
| CreateTextRange (CVE-2006-1359) |
19.49% |
Released March 2006. This is a buffer overflow attack affecting Internet Explorer that enables the execution of arbitrary code. |
| Iframers Launcher Script |
16.34% |
This exploit is perpetrated by a cybercrime mob sometimes called the CoolWebSearch gang, or the Russian iframers. |
| WMF (CVE-2005-2124) with known payload |
15.00% |
Windows Metafile exploit from December 2005. Uses a little known feature of windows Metafiles to execute arbitrary code, such as malware. |
| TriMode |
10.27% |
A launcher script discovered by Exploit Prevention Labs on May 23, 2006. An encrypted script that attempts to launch three different exploits. |
Note: Numbers do not add up to 100 percent, due to the following less-frequently reported exploits: IE Script Action Overload (4.08 percent), MDAC (.58 percent), Firefox ms06-06 (.35 percent) and Javascript window (.12 percent).
|
