Oracle Java SSL Chosen Plain Text Exploit

The SSL protocol encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack on an HTTPS session. This module attacks the SSLv3 implementation in the Oracle Java Runtime Enviroment. The module is capable of obtaining encrypted cookies from browsers running the affected Java Runtimes.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2011-3389
Product Version: 
12.0
Released Date: 
Thursday, February 2, 2012 - 00:00