Computer Security
[EN] securityvulns.ru no-pyccku


Norman SandBox Analyzer detection
Published:28.02.2007
Source:
SecurityVulns ID:7318
Type:local
Threat Level:
2/10
Description:Malware code can detect sandbox presence and change it's behaviour.
CVE:CVE-2007-1194 (Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more difficult to analyze.)
Original documentdocumentArne Vidstrom, Evading the Norman SandBox Analyzer (28.02.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod