Description: This 0 day was found in Java on 26th august and exploit for Metasploit has been written.
The video demonstrating this vulnerability is begin posted here.
Till now no patch was provided from Oracle for Java.
Vulnerable Version is: JRE 1.7.
Applet runs in the browser.Tested on browsers: IE,Firefox,Chrome.
Platforms Affected: Windows,Linux,Java Universal
Note: This exploit is unable to bypass systems having a good antivirus during sending Stagers phase of exploitation.
Tags: jre17 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Very interesting! I wonder how long it will take to get this one patched.I would think the next step would to make Linux packet forward to a cloned web server til a session is made then, to kill the packet forwarding. Just from the noise of the packet forwarding also imagine that this would show up on any IDS also.