x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

BodyOnLoad

Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:BodyOnLoad
Technical name:Exploit/BodyOnLoad
Threat level:Low
Alias:CVE-2005-1790, US-CERT: VU#887861, JS_WINDEXP.A, JS_ONLOADXPLT.A, Exploit-BO.gen, Bloodhound.Exploit.54
Type:Hacking Tool
Effects:  

It is a code specifically written in order to exploit a critical vulnerability in Internet Explorer running on Windows XP/2000/Me/98 computers. If successfully exploited, it allows arbitrary code to be executed in the vulnerable computer. The malicious code is hosted in a web page, and then unaware users are tricked into accessing it.

>
Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Dec. 1, 2005
Detection updated on:Dec. 2, 2005
StatisticsNo

Brief Description 

    

BodyOnLoad is a code specifically written in order to exploit a critical vulnerability in Internet Explorer running on Windows XP/2000/Me/98 computers.

If it is successfully exploited, BodyOnLoad allows arbitrary code to be executed in the vulnerable computer. For example, there are evidences that point to this code being used to download and run a copy of the Trojan detected as Downloader.DLE.

This vulnerability is exploited by hosting the malicious code in a web page, and by tricking users to access it.

Panda Security detects the code associated to the vulnerability as BodyOnLoad, thus warning users of its presence in the web pages accessed, and preventing them from being affected.

 

On December 14 2005, Microsoft released the security patch referred to the Mismatched Document Object Model Objects Memory Corruption vulnerability, which is included in the security bulletin MS05-054. Access the web page for downloading the patch.