Java 7 Applet Remote Code Execution

newsbot

newsbot

RSS Feed
This Metasploit module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. The vulnerability seems to be related to the use of the newly introduced ClassFinder#resolveClass in Java 7, which allows the sun.awt.SunToolkit class to be loaded and modified. Please note this flaw is also being exploited in the wild, and there is no patch from Oracle at this point. Our module has been successfully tested on multiple setups, including: IE, Firefox, Chrome and Safari on Windows, Linux and OS X, etc.

Weiterlesen...
 
:(
 

Ähnliche Themen

Nginx als Reverse Proxy für Nextcloud und Emby

X startet nichtmehr

Webmin /file/show.cgi Remote Command Execution

Splunk 5.0 Custom App Remote Code Execution

Samba 4 Gast Zugang unter Ubuntu funktioniert nicht

Zurück
Oben