This module exploits a memory corruption vulnerability in the Java QuickTime for Java (QtJava.dll) browser plug-in. The module runs a malicious web server on the CORE IMPACT Console and waits for an unsuspecting user(s) to connect to it with a Java-enabled browser using the vulnerable plug-in. When a user connects to the site they trigger the exploit and the module attempts to install an agent on their computer.
CVE Link
Exploit Type - Old
Exploits/Client Side
Exploit Platform
Exploit Type
Product Name