Lucene search
Vitaliy ToropovZDI-13-012HistoryFeb 11, 2013 - 12:00 a.m.
Oracle Java JavaFX WCGraphicsManager Remote Code Execution Vulnerability
2013-02-1100:00:00
Vitaliy Toropov
www.zerodayinitiative.com
19
EPSS
0.029
Percentile
90.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JavaFX WCGraphicsManager class. This class exposes methods that result in calls to the append() native function. One of the arguments passed to this native function is interpreted as a pointer to an object. This can be leveraged by an attacker to gain remote code execution under the context of the process.
Related
cvelist
cvelist
CVE-2012-1543
2013-02-02 00:00:00
zdi
zdi
Oracle Java JavaFX WCMediaPlayer Remote Code Execution Vulnerability
2013-02-11 00:00:00
ubuntucve
ubuntucve
CVE-2012-1543
2013-02-02 00:00:00
nvd
nvd
CVE-2012-1543
2013-02-02 00:55:01
prion
prion
Design/Logic Flaw
2013-02-02 00:55:00
cve
cve
CVE-2012-1543
2013-02-02 00:55:01
cert
cert
Oracle Java contains multiple vulnerabilities
2013-02-01 00:00:00
nessus
nessus
Oracle Java SE Multiple Vulnerabilities (February 2013 CPU)
2013-02-04 00:00:00
Oracle Java SE Multiple Vulnerabilities (February 2013 CPU) (Unix)
2013-02-22 00:00:00
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2013-03-19 00:00:00
