Security Advisory: Java 7 vulnerable to Zero-day exploits

preview_player
Показать описание

To comment on this video please visit the following:
  1. TRUValue Information Security
  2. security
  3. computer
  4. hacking
  5. programming
  6. web
Рекомендации по теме
Security Advisory: Java 0:04:36

Security Advisory: Java 7 vulnerable to Zero-day exploits

Security vulnerabilities in 0:59:09

Security vulnerabilities in Java SE

STEVE POOLE - 0:56:11

STEVE POOLE - The Anatomy of Java Vulnerabilities

Java 7 - 0:01:59

Java 7 - SECURITY RISK

What is log4j 0:03:26

What is log4j vulnerability ?

Legacy Java Vulnerabilities 0:48:37

Legacy Java Vulnerabilities - Jonathan Gohstand - OWASP AppSec California 2015

AT&T ThreatTraq - 0:25:08

AT&T ThreatTraq - A New 0-Day Exploit for Java - 1/10/2013

FIX PowerShell 7.2 0:01:00

FIX PowerShell 7.2 7.3 Vulnerability with CVE 2023-28260 | Advised to update PowerShell 7 ASAP

CVE-2012-4681- Vulnerabilidad en 0:03:02

CVE-2012-4681- Vulnerabilidad en Java 7 - Demo

Resolving a security 0:04:08

Resolving a security vulnerability in WAS Server Traditional and Liberty, IBM HTTP, and Java Runtime

Java 0-Day Vulnerability 0:01:42

Java 0-Day Vulnerability Exploit Demo (CVE-2012-4681)

Log4Shell Security Exploit 0:23:05

Log4Shell Security Exploit Deep Dive (Using Spring Boot and Maven application example)

Critical Apache Log4j 0:12:16

Critical Apache Log4j Vulnerability | Impact For Splunk Enterprise And Splunk Apps

Log4Shell Vulnerability 🦠 0:06:23

Log4Shell Vulnerability 🦠 Log4J Version 2.17.0 🦠 Impact 🦠 What not to do 🦠

Patching UniFi Against 0:07:37

Patching UniFi Against The Log4J CVE-2021-44228 Vulnerability

Acronis webinar: Get 0:51:00

Acronis webinar: Get Fast Facts on the Log4J Vulnerability; Act Quickly to Neutralize it Now

Urgent Discussion Apache 0:58:46

Urgent Discussion Apache log4j Vulnerability

What You Need 0:32:25

What You Need to Know About the Log4Shell / Apache Log4j Injection Vulnerability (CVE-2021-44228)

Wargames - Java 1:08:01

Wargames - Java vulnerabilities and why you should care (06 juin 2024) by Gerrit Grunwald

Oracle Releases Emergency 0:01:40

Oracle Releases Emergency Java 7 Update 17

Fixing OSS Security 1:11:38

Fixing OSS Security Vulnerabilities at Scale!

Acronis webinar: Get 0:45:00

Acronis webinar: Get Fast Facts on the Log4J Vulnerability; Act Quickly to Neutralize it Now

Understanding the Log4j 0:20:30

Understanding the Log4j Vulnerability | Exploiting VMware VCenter & a reverse shell🔥| Patch NOW!...

CVE-2010-4452 : Oracle 0:02:13

CVE-2010-4452 : Oracle Java Applet2ClassLoader Remote Code Execution Exploit

Комментарии
Автор

We actually knew about this before it hit the news. During some Metasploit pen-testing of certain nodes, we accidentally found out about the Java exploit(major coding flaw). We later tested it with a Windows machine and had the same results. That trickled down to finding another exploit from software off Playstore that with a short script it allowed me to circumvent secure networks and machines w/ 9 out of 10 success ratio.

oglilpfo
Автор

Wow, just did a little research and they added a "patch" but it is useless against the exploit we where able to emulate. Even disabling "Remote Desktop" I am able to gain full control. FYI the flaw we found is similar to the old "script injection" into search queries like site "search" option...

oglilpfo
Автор

How do you think the will affect java in the future? I see with them patching but it not necessarily helping the big issues is gonna cause some trouble. To a degree, java should just think about taking down Java 7 until they can examine it more closely.

TRUValueInformationSecurity
Автор

Do you know how much Java 7 Update 11 fixed? Some articles are reading are suggesting some fixes but not all, other says it completely fixed, and others are saying there were absolutely no fixed.

TRUValueInformationSecurity