JS.CVE-2005-1790.q or FP ?

Discussion in 'NOD32 version 2 Forum' started by pykko, Apr 11, 2006.

Thread Status:
Not open for further replies.
  1. pykko, Registered Member (Joined: Apr 27, 2005; Posts: 2,236; Location: Romania...and walking to heaven)

    I've recently found this file and many AVs detect it. Is it a FP or a real threat? NOD32 currently doesn't detect it. :( I sent them the sample a couple of days ago. Hope someone from ESET can take a look at it. :)
     

  2. beenthereb4, Registered Member (Joined: Jun 29, 2004; Posts: 568)

    "JS.CVE-2005-1790" exploit is a generic detection of web pages or e-mail messages which attempt to exploit the "Microsoft Internet Explorer onload Window() arbitrary code execution vulnerability".

    This does not necessarily mean that a virus has been found. It merely means that JavaScript code was found which attempts to activate additional executable code without the user's express permission. This exploit can be used in a malicious web page or inside e-mail messages to execute code of the attacker's choice on the user's machine. Users of Internet Explorer and applications such as Outlook or Outlook Express that employ Internet Explorer to render HTML content are vulnerable to this exploit.
     
  3. pykko, Registered Member (Joined: Apr 27, 2005; Posts: 2,236; Location: Romania...and walking to heaven)

    Yes, beenthereb4, but it's always safer to detect it because you have said:

    "This exploit can be used in a malicious web page or inside e-mail messages to execute code of the attacker's choice on the user's machine."

    I don't use IE, but will the AV detect the random executable code after the exploit has been run? Well... maybe Marcos can say something more about this :)
     