1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Malicious Java Download Attack 5

Web Attack: Malicious Java Download Attack 5

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability.

Additional Information

Oracle Java is prone to a remote code-execution vulnerability in the Java Runtime Environment. The 'findClass()' method of the 'sun.plugin2.applet.Applet2ClassLoader' class fails to properly validate URLs supplied to it by an unsigned applet. Specifically, when loading a class from a URL, the method fails to check if the URL matches the protocol, host, and port of the document containing the applet. An attacker can exploit this to load a class located at an attacker controlled site, in the context of the targeted site.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges.

This vulnerability affects the following supported versions:
6 Update 23

Affected

  • Sun JRE (Windows Production Release) 1.6 _17
  • Sun JRE (Windows Production Release) 1.6 _13
  • Sun JRE (Windows Production Release) 1.6 _12
  • Sun JRE (Windows Production Release) 1.6 _10
  • Sun JRE (Windows Production Release) 1.6 _07
  • Sun JRE (Windows Production Release) 1.6 _06
  • Sun JRE (Windows Production Release) 1.6 _05
  • Sun JRE (Windows Production Release) 1.6 _04
  • Sun JRE (Windows Production Release) 1.6
  • Sun JRE (Windows Production Release) 1.6.0_23
  • Sun JRE (Windows Production Release) 1.6.0_22
  • Sun JRE (Windows Production Release) 1.6.0_21
  • Sun JRE (Windows Production Release) 1.6.0_20
  • Sun JRE (Windows Production Release) 1.6.0_2
  • Sun JRE (Windows Production Release) 1.6.0_19
  • Sun JRE (Windows Production Release) 1.6.0_18
  • Sun JRE (Windows Production Release) 1.6.0_15
  • Sun JRE (Windows Production Release) 1.6.0_14
  • Sun JRE (Windows Production Release) 1.6.0_11
  • Sun JRE (Windows Production Release) 1.6.0_03
  • Sun JRE (Windows Production Release) 1.6.0_02
  • Sun JRE (Windows Production Release) 1.6.0_01

Response

Updates are available. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube