Showing 1 - 1 of 1

Files

Packet Storm Exploit 2013-0917-1 - Oracle Java ShortComponentRaster.verify() Memory Corruption: Posted Sep 17, 2013; Site packetstormsecurity.com; The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the "numDataElements" field is 0. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.; tags | exploit, java, remote, code execution, bug bounty, packet storm; systems | windows; SHA-256 | b69d9577ff19470b3048d950dd9549dc3b2aa75f7581440fc3a967b43221d8d6; Download | Favorite | View

Related Files

Packet Storm Advisory 2013-0917-1 - Oracle Java ShortComponentRaster.verify(): Posted Sep 17, 2013; Site packetstormsecurity.com; The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the "numDataElements" field is 0. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was purchased through the Packet Storm Bug Bounty program.; tags | advisory, java, remote, code execution, bug bounty, packet storm; systems | windows; SHA-256 | 9b46afd762236e62d711f0fada9c9de29c69547da21046abe1e2ed3b09781fcc; Download | Favorite | View

Page 1 of 1 Back 1 Next