An AccessControlContext attribute in the java.beans.Statement class of Oracle Java can be overwritten by unprivileged applets by using specially crafted Java Beans Expressions and Statements, even when the AccessControlContext attribute is declared as final. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user. This vulnerability has been found exploited in-the-wild on August 26, 2012.
Unsafe type handling performed by the AtomicReferenceArray class of the Oracle Java Runtime Environment can be abused to cause a type confusion error. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
The default Java security properties configuration does not restrict access to certain objects in the com.sun.jmx.mbeanserver packages. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This module exploits a XSS vulnerability in the opera:historysearch page in Opera which leads to remote command injection. This module runs a web server waiting for vulnerable clients (Opera) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a heap-based buffer overflow vulnerability in the OpenOffice software included in most linux distributions. The vulnerability is caused by the prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. The exploit is triggered when an unsuspecting user opens a specially crafted file distributed via an email.
This module exploits a XSS vulnerability in Openfire, which leads to remote command injection impersonating the administrator and uploading a plugin. This module runs a web server waiting for vulnerable clients (any browser) to connect to it. When the client connects, it will use their cookie and try to install an agent by installing a plugin in openfire.
This module exploits a XSRF vulnerability in Nagios which allows CORE Core Impact to perform remote command injection impersonating an administrator. This module runs a web server waiting for a Nagios administrator to connect to it. When the client connects, it will perform a Cross Site Request Forgery and try to install an agent on the Nagios server by using a command injection vulnerability.
This module exploits a buffer overflow in Mozilla Firefox when parsing a malformed UTF-8 encoded URL. This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a XSS vulnerability in JOnAS which allows CORE Core Impact to perform remote command injection impersonating an administrator and uploading a plugin to the JOnAS server. This module runs a web server waiting for a JOnAS administrator to connect to it. When the client connects, it will retrieve the JOnAS administrator cookie and try to install an agent on the JOnAS server by installing a custom plugin in JOnAS.
Subscribe to Linux