This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a vulnerability in Java Runtime Environment which could result in remote code execution.
Oracle Java SE is prone to a memory-corruption vulnerability in Java Runtime Environment because it fails to properly validate the 'IntegerInterleavedRaster.verify()' method that allows to bypass 'dataOffsets' boundary checks by setting the 'numDataElements' field to 0. Specifically, this issue exists within the AWT 'mlib' library. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage.
Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
- This vulnerability affects the following supported versions:
- 7 Update 21 , 6 Update 45 , 5.0 Update 45
Updates are available. Please see the references or vendor advisory for more information.