|
 |
|
Snapper
|
|
|
First Report:
|
2004-03-24 12:01
|
|
Last Update:
|
2004-11-01 05:23
|
|
|
Risk Rating:
|
Very Low Risk
|
|
|
Aliases:
|
HTML_SNAPPER.A
I-Worm.Snapper
Snapper
Snapper.A
VBS/Inor.J
W32.Snapper.A@mm
W32/Snapper-A
W32/Snapper.A.worm
W32/Snapper.A@mm
W32/Snapper@MM
WORM_SNAPPER.A
|
|
|
|
Information From AntiVirus Vendors
|
|
|
|
|
Below you will find virus information from different antivirus vendors included in this Secunia Virus Profile. Information about the virus along with links to removal tools will be listed below when available.
The information provided is sorted by the date on which the information first became publicy available on the antivirus vendors' websites. The earliest available reports are displayed first. Please note timestamps are in GMT+1.
|
|
|
#1 - F-SECURE
|
| |
|
|
Snapper
|
Severity:
-
|
File Size:
-
|
| |
|
|
Reported:
2004-03-24 12:01
|
Last Update:
2004-10-01 05:26
|
| |
Description:
We received reports about a new worm that spreads itself from a website located in the USA on March 24th, 2004. The worm sends messages with a link to an HTML page that runs a script dropper, that in its turn drops the worm's binary file to a user's computer.
|
| |
|
Full Report From Vendor
|
|
|
#2 - SYMANTEC
|
| |
|
|
W32.Snapper.A@mm
|
Severity:
2/5
|
File Size:
9kb
|
| |
|
|
Reported:
2004-03-24 13:54
|
Last Update:
2004-03-25 00:20
|
| |
Description:
W32.Snapper.A@mm is a worm that spreads to all the contacts in the Windows Address Book. It does not send itself as an email attachment. Instead, it exploits the Internet Explorer Object Tag Vulnerability that is described in Microsoft Security Bulletin MS03-032. This vulnerability allows W32.Snapper.A@mm to automatically download and install the worm when the email is opened.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2004-03-25 00:20
|
Description was changed.
New:
"W32.Snapper.A@mm is a worm that spreads to
all the contacts in the Windows Address Book.
It does not send itself as an email
attachment. Instead, it exploits the Internet
Explorer Object Tag Vulnerability that is
described in Microsoft Security Bulletin
MS03-032. This vulnerability allows
W32.Snapper.A@mm to automatically download
and install the worm when the email is
opened."
Old:
"Symantec Security Response has received
reports of a worm that arrives in an email
and exploits a Microsoft Internet Explorer
vulnerability."
|
| |
|
|
2004-03-25 00:20
|
File size was changed.
New:
"9kb"
Old:
"N/A"
|
|
|
|
|
|
#3 - PANDA ANTIVIRUS
|
| |
|
|
Snapper.A
|
Severity:
1/4
|
File Size:
-
|
| |
|
|
Reported:
2004-03-25 10:08
|
Last Update:
2004-10-01 05:25
|
| |
Description:
It exploits two Internet Explorer vulnerabilities in order to spread via e-mail.
|
| |
|
Full Report From Vendor
|
|
|
#4 - SOPHOS
|
| |
|
|
W32/Snapper-A
|
Severity:
/5
|
File Size:
-
|
| |
|
|
Reported:
2004-03-25 18:28
|
Last Update:
2004-11-01 05:23
|
| |
Description:
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2004-10-01 05:28
|
Description was changed.
New:
"/5"
Old:
"N/A"
|
| |
|
|
2004-10-01 05:28
|
Description was changed.
New:
"N/A"
Old:
"W32/Snapper-A spreads through the emails
using a known IE vulnerability."
|
|
|
|
|
|
#5 - MCAFEE
|
| |
|
|
W32/Snapper@MM
|
Severity:
3/7
|
File Size:
8,704 bytes (DLL)
|
| |
|
|
Reported:
2004-03-25 20:47
|
Last Update:
2004-07-01 05:32
|
| |
Description:
This threat has been deemed Low-Profiled due to media attention at the following site: http://www.eweek.com/article2/0,1759,1554603,00.asp --
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2004-03-26 00:32
|
Severity was raised from 2/7 to 3/7.
|
| |
|
|
2004-03-26 00:32
|
Description was changed.
New:
"This threat has been deemed Low-Profiled due
to media attention at the following site:
http://www.eweek.com/article2/0,1759,1554603,
00.asp --"
Old:
"This detection is for a worm intended to
spread to email addresses extracted from the
Windows Address Book of the victim machine."
|
|
|
|
|
|
#6 - TREND MICRO
|
| |
|
|
WORM_SNAPPER.A
|
Severity:
1/3
|
File Size:
-
|
| |
|
|
Reported:
2004-03-28 03:06
|
Last Update:
2004-10-01 05:26
|
| |
Description:
|
| |
|
Full Report From Vendor
|
|
|
Please note: The information that this Secunia Virus Profile is based on comes from a third party unless stated otherwise.
The grouping process is done completely automatically, therefore minor inconsistencies may occur. For more information about Secunia Virus Information, please read: About Virus Information.
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
