2013
08.19

Packet Storm Exploit 2013-0819-1 – Oracle Java BytePackedRaster.verify() Signed Integer Overflow

Category: Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS / Tag:  / Add Comment

The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataBitOffset” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe

Continue reading here:
Packet Storm Exploit 2013-0819-1 – Oracle Java BytePackedRaster.verify() Signed Integer Overflow

No Comment.

Add Your Comment

Your Comment

You must be logged in to post a comment.