Java Runtime Environment 1.7 Zero-Day Exploit Delivers Backdoor
Revision as of 22:08, 1 February 2015 by Eric.freyssinet (talk | contribs) (Created page with "{{Publication |ExploitKit=Gondad, |Vulnerability=CVE-2012-4681, |Year=2012 |Date=2012-09-28 |Editor=Trend Labs |Link=http://blog.trendmicro.com/java-runtime-environment-1-7-ze...")
(Publication) Google search: [1]
| Java Runtime Environment 1.7 Zero-Day Exploit Delivers Backdoor | |
|---|---|
| Botnet | |
| Malware | |
| Botnet/malware group | |
| Exploit kits | Gondad |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | CVE-2012-4681 |
| CCProtocol | |
| Date | 2012 / 2012-09-28 |
| Editor/Conference | Trend Labs |
| Link | http://blog.trendmicro.com/java-runtime-environment-1-7-zero-day-exploit-delivers-backdoor/ (Archive copy) |
| Author | Manuel Gatbunton |
| Type | Blogpost |
Abstract
“ An unpatched JRE 1.7/Java 7 zero-day vulnerability (CVE-2012-4681) was recently found to be exploited by a malicious .JAR file hosted on a specific site. Successful exploit leads to the download of a backdoor, in effect allowing remote malicious users to execute their desired commands on the vulnerable system.
The zero-day exploit successfully runs in all versions of Internet Explorer, Firefox and Opera. According to a testing done by Metasploit, the vulnerability also runs on Google Chrome and Safari.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR455,
editor = {Trend Labs},
author = {Manuel Gatbunton},
title = {Java Runtime Environment 1.7 Zero-Day Exploit Delivers Backdoor},
date = {28},
month = Sep,
year = {2012},
howpublished = {\url{http://blog.trendmicro.com/java-runtime-environment-1-7-zero-day-exploit-delivers-backdoor/}},
}