This module exploits a vulnerability in Java QuickTime (QtJava.dll),specifically the routine toQTPointer() exposed through quicktime.util.QTHandleRef. A lack of sanity checking on the parameters passed to this routine, through the Java Virtual Machine (JVM), allows an attacker to write arbitrary values to memory. This module runs a web server waiting for vulnerable clients (In Windows ,Opera, Firefox and Internet Explorer and in Mac Os X in Safari Browser) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CVE Link
Exploit Type
Product Name