FRISK Software International

Summary of JS/DDay.Exploit
Discovered: 26 Sep 2002
Definition files: 23 Oct 2002
Risk Level: Low
Infection Method:This vulnerability is exploited through a JavaScript.
Payload: cookie stealing, website content forging, local file reading and possibly malicious program execution on user computer.
Jump to:
Technical description
Removal Instructions

Technical Description
This vulnerability affects Internet Explorer 5.5 and 6.0 (this vulnurebility isn't present after IE 6.0 service pack 1 has been applied). Prior versions are not affected. Other programs based on the WebBrowser control are affected, such as Microsoft Outlook and MSN Explorer.
Following actions can be exploited through this vulnerability: cookie stealing, content forging, reading of local files and execution of possibly malicious programs on user computer.
This issue was first addressed by GreyMagic Software company. Their advisory is available here.

Removal Instructions
Disable active-scripting for Internet Explorer. Apply service pack 1 for Internet Explorer 6.0.

Sindri Bjarnason - virus analyst, FRISK Software Int.

Stay up to date with important developments via e-mail.
Stay up to date with life cycle policies for F-PROT Antivirus for Windows.
Virus news and information directly to your desktop.
Definitions of common antivirus terminology.
For further virus information, please try our partners' websites:


perComp Verlag
(in German)