CVE-2012-0507

Published: 07/06/2012 Updated: 26/04/2024
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and previous versions, 6 Update 30 and previous versions, and 5.0 Update 33 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows malicious users to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

Vulnerable Product

sun jre 1.5.0

sun jre 1.6.0

oracle jre 1.6.0

oracle jre 1.7.0

debian debian linux 7.0

debian debian linux 6.0

suse linux enterprise server 11

suse linux enterprise software development kit 11

suse linux enterprise desktop 10

suse linux enterprise server 10

suse linux enterprise java 10

suse linux enterprise java 11

Vendor Advisories

Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has ...
Synopsis Critical: java-160-openjdk security update Type/Severity Security Advisory: Critical Topic Updated java-160-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impac ...
Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical se ...
Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security im ...
Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 54. The Red Hat Security Response Team has rated this update as ha ...
Multiple vulnerabilities in OpenJDK 6 for the ARM architecture have been fixed ...
Multiple OpenJDK 6 vulnerabilities have been fixed ...

Exploits

    ##
    # This file is part of the Metasploit Framework and may be subject to
    # redistribution and commercial restrictions. Please see the Metasploit
    # Framework web site for more information on licensing and terms of use.
    # metasploit.com/framework/
    ##
    require 'msf/core'
    require 'rex'
    class Metasploit3 < Msf::Exploit::Remote
      Rank = Excel ...

This Metasploit module exploits a vulnerability due to the fact that AtomicReferenceArray uses the Unsafe class to store a reference in an array directly, which may violate type safety if not used properly. This allows a way to escape the JRE sandbox, and load additional classes in order to perform malicious operations ...

Github Repositories

AtomicReferenceArray_Exploit: Notorious exploit CVE 2012-0507, demonstrated in an attack scenario

Recent Articles

Investigation Report for the September 2014 Equation malware detection incident in the US
Securelist • Kaspersky Lab • 16 Nov 2017

In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were tr...

Biter bitten as hacker leaks source code for popular exploit kit
The Register • Darren Pauli • 13 Feb 2015

There is no honour among thieves

A black hat trouble maker appears to have released recent source code for one of the most popular exploit kits, malware-probers say. The dump was posted online by a user known as (@EkMustDie) before it was removed. The leaker appears to have previously tried to sell access to the exploit kit. Independent malware investigators including UK hacker known as MalwareTech (@MalwareTechBlog) and French bod Kaffeine (@kafeine) discovered the source code being slung on HackForums by the apparent former r...

Spam in Q1 2013
Securelist • Darya Gudkova • 08 May 2013

In the first quarter of 2013, several high-profile events occurred: the Venezuelan President Hugo Chavez died, Pope Benedict XVI resigned and the new Pope Francis was officially inaugurated. As usual, such events did not go unnoticed by spammers. Public interest in these important world events was widely utilized by the distributors of malicious links and fraudulent emails. However, cybercriminals did not forget about other methods of social engineering. After the demise of the President of Vene...

CIA “DELETED” Venezuela’s Hugo Chavez?
Securelist • Dmitry Bestuzhev • 08 Mar 2013

This is the topic that cybercriminals are speculating about and using as a hook to infect victims. The campaign stems from malicious emails that are sent in bulk to victims: The links mentioned in the email re-direct users to a legitimate Russian website called “Znakvoprosa” (translation: “interrogation sign”) that has been hacked in several occasions and even reported in Zone-h as such. When the victim clicks on one of the links in the email, he/she is first re-directed to the website ...

Kaspersky Security Bulletin 2012. Malware Evolution
Securelist • David Emm, Costin Raiu • 05 Dec 2012

This is Kaspersky Lab’s annual threat analysis report covering the major issues faced by corporate and individual users alike as a result of malware, potentially harmful programs, crimeware, spam, phishing and other different types of hacker activity. The report has been prepared by the Global Research & Analysis Team (GReAT) in conjunction with Kaspersky Lab’s Content & Cloud Technology Research and Anti-Malware Research divisions. At the end of last year we published “ The Top 10...

Dorifel is much bigger than expected and it’s still active and growing!
Securelist • David Jacoby • 10 Aug 2012

Yesterday it was a dark day for many companies in Europe, but especially in the Netherlands. A piece of malware known as Worm.Win32.Dorifel infected over 3000 machines globally, and 90% of infected users were both from public and business sector organizations based in the Netherlands. We have seen government departments and hospitals being victims. The other countries with a large amount of infections were detected in Denmark, the Philippines, Germany, the United States and Spain. All users runn...

OS X Mass Exploitation – Why Now?
Securelist • Kurt Baumgartner • 19 Apr 2012

Market share! It’s an easy answer, but not the only one. In 2011, Apple was estimated to account for over 5% of worldwide desktop/laptop market share. This barrier was a significant one to break – Linux maintains under 2% market share and Google ChromeOS even less. This 15 year peak coincided with the first exploration by the aggressive FakeAv/Rogueware market targeting Apple computers, which we discovered and posted in April 2011 and later in May 2011, which no longer seem to be such an odd...

Yet another OSX/Java Trojan spotted in the wild
The Register • Richard Chirgwin • 15 Apr 2012

Kaspersky Lab tags MS Word as the vector

Hard on the heels of the Flashback Trojan, Kaspersky Lab is warning of a new OSX threat, which it’s dubbed Backdoor.OSX.SabPub.a. In a post to Securelist, Kaspersky’s Costin Raiu says the Trojan connects to a command and control server hosted on a Californian-based VPS associated with the Onedumb.com free DNS. Apparently a month old, the Trojan uses a Java exploit given the name Exploit.Java.CVE-2012-0507.bf in the Kaspersky post, with the ZelixKlassMaster obfuscator to try and get past malw...

SabPub Mac OS X Backdoor: Java Exploits, Targeted Attacks and Possible APT link
Securelist • Costin Raiu • 14 Apr 2012

Last week, Apple released two urgent updates to Mac OS X to: 1. Remove the Flashback malware about which we have already written 2. Automatically deactivate the Java browser plugin and Java Web Start, effectively disabling java applets in browsers Particularly, the second step shows the severity of the CVE-2012-0507 vulnerability exploited by Flashback to infect almost 700,000 users via drive-by malware downloads. Actually, it was the right decision because we can confirm yet another Mac malware...

550,000-strong army of Mac zombies spreads across world
The Register • John Leyden • 05 Apr 2012

Infected machines, not blank-eyed shuffling fanbois

The Mac-specific Flashback Trojan created a zombie army of 550,000 Mac machines by exploiting a Java hole that Apple only patched on Tuesday, six weeks after Microsoft plugged it up on Windows machines. This is according to Russian anti-virus firm Dr Web, which arrived at the figure after it successfully managed to sinkhole one of the command-and-control servers used to control Mac machines hit by the latest attack. The legions of compromised zombies were mostly located in the US (56.6 per cent,...

Apple plugs Java hole after Flashback Trojan intrusion
The Register • John Leyden • 04 Apr 2012

6 weeks after Microsoft machines are patched...

Apple released a security update for OS X Java on Tuesday, plugging a security vulnerability exploited by the latest Flashback Trojan. The latest variant of the Mac-specific malware appeared on Monday and targeted a vulnerability in Java (CVE-2012-0507) which was patched on Windows machines more than six weeks ago. Apple's new version of Java for OS X 10.6 (Snow Leopard) and 10.7 (Lion) offers Mac users equivalent protection. Java is not needed to surf the net, with the exception of applications...

Mac Java hole exploited by wild Flashback Trojan strain
The Register • John Leyden • 02 Apr 2012

Flaw fixed for Windows, Apple fanbois left out

Security watchers have discovered a strain of Mac-specific malware that exploits an unpatched vulnerability in Java. A variant of the Flashback Trojan exploiting CVE-2012-0507 (a Java vulnerability) has been spotted in the wild, F-Secure warns. Oracle patched the vulnerability for Windows machines in February but is yet to issue a fix for Mac OS X - creating a window of opportunity for virus writers. F-Secure advises users to disable Java, which isn't needed to surf the vast majority of websites...