Packet Storm Exploit 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

Posted by deepcore on August 14, 2013 – 2:59 am

The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

Here is the original post:
Packet Storm Exploit 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

Tags: facebook, Security, twitter
This post is under “Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« http://nachumsaeng.go.th Packet Storm Advisory 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Packet Storm Exploit 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL