13 matches found
Several Vulnerabilities Found in Google App Engine
A group of security researchers in Poland say they have discovered a long list of vulnerabilities in the Google App Engine, some of which enable an attacker to escape the Java sandbox. The researchers at Security Explorations say that they have found more than 30 vulnerabilities in the App Engine...
Java AtomicReferenceArray Type Violation Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own...
Black Hole Exploit Kit Targeting Java CVE-2012-1723 Flaw
A new fork of the Black Hole exploit kit is making quick work of a recently patched Java vulnerability and security researchers say that the attackers are registering new sites quickly to exploit users with vulnerable browsers. The CVE-2012-1723 Java vulnerability that the Black Hole exploit kit ...
Java Applet - Field Bytecode Verifier Cache Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 false def initiali...
Java Applet Field Bytecode Verifier Cache Remote Code Execution
Exploit for java platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Java SE AtomicReferenceArray Unsafe Security Bypass
Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Java SE AtomicReferenceArray Unsafe Security Bypass
Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Java SE AtomicReferenceArray Unsafe Security Bypass
Added: 03/30/2012 CVE: CVE-2012-0507 BID: 52161 OSVDB: 80724 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Java - AtomicReferenceArray Type Violation (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex' class Metasploit3 'Jav...
Java AtomicReferenceArray Type Violation
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex' class Metasploit3 'Jav...
Java AtomicReferenceArray Type Violation Vulnerability
This module exploits a vulnerability due to the fact that AtomicReferenceArray uses the Unsafe class to store a reference in an array directly, which may violate type safety if not used properly. This allows a way to escape the JRE sandbox, and load additional classes in order to perform maliciou...
Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...