Jan 10 2013

New Java 0-Day Exploit Spotted in the Wild

A new Java 0-day vulnerability has been discovered and is already being exploited in the wild. Currently, disabling the plugin is the only way to protect your computer.

The MBeanInstantiator in Oracle Java Runtime Environment (JRE) 1.7 in Java 7 Update 10 and earlier allows remote attackers to execute arbitrary code via vectors related to unspecified classes that allow access to the class loader, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681.

By convincing a user to visit a specially crafted HTML document, a remote attacker may be able to execute arbitrary code on a vulnerable system.

CVE Standard Vulnerability Entry: CVE-2013-0422

The vulnerability was later confirmed by security firm AlienVault Labs. With Kafeine’s help, the company reproduced the exploit on a new, fully patched installation of Java and used a malicious Java applet to remotely execute the Calculator application on Windows XP, as shown in the screenshot below:

[Screenshot: Java 7 Update 10 0-day exploit demo]
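An inventory check for the affected range quoted above (JRE 1.7, Java 7 Update 10 and earlier), added here as an example and not part of the original article. The host names and `java -version` lines are constructed sample data, and a result of "outside range" only means the version falls outside the range this page states.

```python
import re

# Affected range as stated on this page: JRE 1.7 (Java 7), Update 10 and earlier.
AFFECTED_FAMILY = (1, 7)
LAST_AFFECTED_UPDATE = 10

# Legacy version string printed by `java -version`, e.g. 1.7.0_10 or 1.7.0_10-b18.
VERSION_RE = re.compile(r'(\d+)\.(\d+)\.(\d+)(?:_(\d+))?')


def parse_java_version(text):
    """Return (major, minor, update) from `java -version` output, or None."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    major, minor, _patch, update = m.groups()
    # A GA release such as "1.7.0" carries no _NN suffix: treat it as update 0.
    return int(major), int(minor), int(update or 0)


def is_affected(text):
    """True/False for a parsed version, None when the string cannot be parsed."""
    parsed = parse_java_version(text)
    if parsed is None:
        return None
    major, minor, update = parsed
    return (major, minor) == AFFECTED_FAMILY and update <= LAST_AFFECTED_UPDATE


def triage(inventory):
    """Map host -> 'affected' | 'outside range' | 'unknown' for an inventory dict."""
    labels = {True: "affected", False: "outside range", None: "unknown"}
    return {host: labels[is_affected(out)] for host, out in inventory.items()}


# Constructed sample inventory (hypothetical host names, not real data).
SAMPLE = {
    "ws-01": 'java version "1.7.0_10"',
    "ws-02": 'java version "1.7.0_11"',
    "ws-03": 'java version "1.6.0_38"',
    "ws-04": 'java version "1.7.0"',
    "ws-05": "java: command not found",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE).items()):
        print(host, verdict)
```

Hosts reported as "affected" are the ones where the article's advice to disable the browser plugin applies; "unknown" hosts need a manual look rather than being assumed clean.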