Posts Tagged ‘Java Exploit’

Java DangerLess than in a day after the Oracle developers corrected a dangerous gap in Java allowing far off to compromise target system on the basis of Windows OS, at underground Internet forums started sales of exploit for the next vulnerability of zero day in this platform.

According KrebsOnSecurity, one of the administrators of the hacker’s resource, whose name was not disclosed, posted a message that he is willing to sell the source code for the two immediately exploit zero-day vulnerabilities in Java. With this software should get to the first two customers for $ 5K

The report also noted that these gaps appear in Java 7 Update 11 and have not yet been included in any hacking tools offered by the network. According to the newspaper, the first sale was made shortly after the publication of the advertisement. (more…)

Virus AlertExploit.Java.CVE-2010-0842.a

Exploit that uses the vulnerability CVE-2010-0842 in the component “Sound” Oracle Java SE (up to version 6, the 18th update) to download files on the infected computer.

Technical details

Exploit that uses the vulnerability CVE-2010-0842 in the component “Sound” Oracle Java SE (up to version 6, the 18th update) to download files on the infected computer. Is RMF-file (Rich Music Format). Depending on the modification may have a size 492 or 479 bytes.

Destructive activity (more…)

Virus AlertMalware Exploit.Java.CVE-2010-0842.d – Exploit that uses the vulnerability CVE-2010-0842 in the component “Sound” Oracle Java SE (up to version 6, the 18th update) to download files on the infected computer.

Technical details

Exploit that uses the vulnerability CVE-2010-0842 in the component “Sound” Oracle Java SE (up to version 6, the 18th update) to download files on the infected computer. Is a Java-class (class-file). Has a size of 2195 bytes.

Destructive activity

Exploited by malicious functionality is implemented in the class “SiteAudioHelper”. The exploit is a Java-applet. Its launch is infected with HTML-pages with the tag “applet”, for which the parameter named “MIDIFILE” Given the path of a specially modified RMF-file (Rich Music Format). This file contains blocks “SONG” and “Midi” executable code to exploit the vulnerability object “MixerSequencer”, boot the infected computer file to a link. (more…)

First reported the vulnerability of experts FireEye, who talked about what address the server is used by an exploit.

In its notification expert FireEye, Atif Mushtaq noted that in the near future to exploit vulnerabilities in Java will become widely available, and attackers can use it very actively. According to analyst Brian Krebs Information Security, soon to exploit the vulnerability CVE-2012-4681 will be available in a set of tools for hacking BlackHole.

From Oracle at the time of publication of news no comment on the removal of the vulnerability has been reported.

Experts offer a variety of information security tips on how you can protect yourself from this vulnerability. The most reliable and radical method is the complete removal of the system with Java, user which is published on the manufacturer’s website. You can leave a working version of Java on one of the browsers and using it to separate trusted sites.

Some experts also recommend Java rollback to an earlier version, or install a third-party solution, but both methods carry their own dangers, and thus can not guarantee a solution.