Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote malicious users to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
oracle jre 1.7.0 |
||
sun jre 1.6.0 |
||
oracle jre 1.6.0 |
||
sun jre 1.5.0 |
||
oracle jre 1.5.0 |
||
suse linux enterprise server 11 |
||
suse linux enterprise software development kit 11 |
||
suse linux enterprise server 10 |
||
suse linux enterprise desktop 10 |
||
suse linux enterprise java 11 |
||
suse linux enterprise java 10 |
There is no honour among thieves
A black hat trouble maker appears to have released recent source code for one of the most popular exploit kits, malware-probers say. The dump was posted online by a user known as (@EkMustDie) before it was removed. The leaker appears to have previously tried to sell access to the exploit kit. Independent malware investigators including UK hacker known as MalwareTech (@MalwareTechBlog) and French bod Kaffeine (@kafeine) discovered the source code being slung on HackForums by the apparent former r...
PDF version In July we published our in-depth analysis into a targeted attack campaign that we dubbed ‘Crouching Yeti’. This campaign is also known as ‘Energetic Bear’. This campaign, which has been active since late 2010, has so far targeted the following sectors: industrial/machinery, manufacturing, pharmaceutical, construction, education and information technology. So far there have been more than 2,800 victims worldwide, and we have been able to identify 101 different organisatio...
Wait - they're doing online banking with an unpatched Windows PC?
Cybercrooks are targeting Japanese smut site aficionados with a new banking Trojan run. The Aibatook malware is targeting customers of Japanese banks who are also visitors on some of the country's most popular pornographic websites. Security researchers at anti-virus firm ESET estimated that more than 90 smut sites have been contaminated with malicious code. The malware relies on exploiting a Java security flaw that was patched more than a year ago to push Aibatook onto the machines of Windows P...
Windows, Mac, Linux users - it wants your BRAAINS
Miscreants have brewed a multi-platform strain of malware capable of infecting Windows, Mac OS and Linux PCs. The evil bot, which surfaced in early January, was written entirely in Java and designed to take advantage of the CVE-2013-2465 vulnerability (a Java flaw patched by Oracle last June) to infect victims. The malware - dubbed Backdoor-Java-Agent-A by Kaspersky Lab - was ultimately designed to conduct DDoS attacks from compromised computers. Infected drones were controlled over an IRC chann...
Early this year, we received a malicious Java application for analysis, which turned out to be a multi-platform bot capable of running on Windows, Mac OS and Linux. The bot was written entirely in Java. The attackers used vulnerability CVE-2013-2465 to infect users with the malware. To make analyzing and detecting the malware more difficult, its developers used the Zelix Klassmaster obfuscator. In addition to obfuscating bytecode, Zelix encrypts string constants. Zelix generates a different key ...
Tat’jana Šerbakova PDF Version The number of serious cyber-attacks detected over the last two years has increased so much that new attacks rarely cause much surprise. It’s now commonplace for antivirus companies to issue a report about the discovery of another botnet or highly sophisticated malware campaign that is gathering data. Companies are increasingly falling victim to cyber-attacks. According to a survey conducted by Kaspersky Lab and B2B International, 91% of the organizations polle...
Latest version of data-stealer targets Uyghur dissidents
A piece of malware linked to attacks against governments and organisations involved in hi-tech industries such as space exploration and nuclear power has been adapted to exploit a recently uncovered Java security flaw. NetTraveler has been outfitted to exploit a recently patched Java bug as part of a watering-hole-style attack involving compromised websites that redirects victims to an attack site hosting exploit code. The latest variants of the malware appear, which surfaced over the last few d...
NetTraveler, which we described in depth in a previous post, is an APT that infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler (also known as ‘Travnet’ or “Netfile”) include Tibetan/Uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors. During the last week, several spear-phishing e-mails were sent t...
Vulmon