10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.965 High
EPSS
Percentile
99.5%
Name | java_docbase |
---|---|
CVE | CVE-2010-3552 Exploit Pack |
Vendor: Oracle | |
Notes: | |
This exploit can only be used from clientd. |
Tested on:
Windows XP Professional SP3 EN under IE 8 updated.
Windows XP Home SP3 EN with IE7
Windows 7 Ultimate with IE 8.
Windows Vista with IE 7
This exploit essentially works only under clientd. It does not work with HTTP MOSDEF as the shellcode
can only be of limited size.
This exploit defeats DEP. We don’t do a heap-spray for this exploit - instead
doing some clever anti-DEP techniques detailed in the exploit itself.
Other possible anti-DEP techniques include:
Shockwave DLL
.Net 2.0 DLL
We do not currently do process recovery in this exploit.
VersionsAffected: Oracle Java 6 <= Update 21
Repeatability: Infinite
References: [‘http://code.google.com/p/skylined/issues/detail?id=23’]
Date public: 10/12/2010