HEXALE (security & reverse engineering)

Thursday, January 10, 2013

Java 7 Update 10 0-Day RCE Exploit Demo (CVE-2013-0422)

This is a demo of the Java 7 Update 10 0-Day Vulnerability made public on 01-10-2013 (CVE-2013-0422). Java 7 Update 10 0-Day RCE Exploit Demo (CVE-2013-0422)

Exploit made public by http://www.twitter.com/Kafeine
Exploit code released publicly by Gdark - DamageLabs

References:
http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html
http://pastebin.com/raw.php?i=cUG2ayjh
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0422

Posted by hernan at 8:19 PM No comments:
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)

Subscribe Now to hexale's feed!

Subscribe in a reader

Blog Archive

  • ►  2015 (1)
    • ►  January (1)
  • ►  2014 (1)
    • ►  September (1)
  • ▼  2013 (5)
    • ►  November (2)
    • ►  July (1)
    • ►  May (1)
    • ▼  January (1)
      • Java 7 Update 10 0-Day RCE Exploit Demo (CVE-2013-...
  • ►  2012 (7)
    • ►  November (1)
    • ►  August (1)
    • ►  June (2)
    • ►  March (2)
    • ►  February (1)
  • ►  2011 (6)
    • ►  August (3)
    • ►  April (1)
    • ►  March (2)
  • ►  2010 (10)
    • ►  December (1)
    • ►  October (5)
    • ►  September (2)
    • ►  February (2)
  • ►  2009 (7)
    • ►  October (2)
    • ►  May (1)
    • ►  April (2)
    • ►  March (1)
    • ►  January (1)
  • ►  2008 (21)
    • ►  December (2)
    • ►  November (2)
    • ►  October (3)
    • ►  August (2)
    • ►  July (2)
    • ►  June (4)
    • ►  May (2)
    • ►  February (1)
    • ►  January (3)
  • ►  2007 (21)
    • ►  December (3)
    • ►  November (7)
    • ►  October (1)
    • ►  September (5)
    • ►  August (3)
    • ►  July (2)
  • ►  2006 (6)
    • ►  November (1)
    • ►  September (1)
    • ►  July (1)
    • ►  June (1)
    • ►  February (1)
    • ►  January (1)
  • ►  2005 (9)
    • ►  December (2)
    • ►  November (7)

Some of my stuff

  • Post-Exploitation with WCE
  • WCE Internals
  • Windows Credentials Editor (WCE)
  • GUI Transfer Toolkit (GTT)
  • Windows SMB NTLM Weak Nonce Vulnerability Advisory
  • WifiZoo - Tool to gather cookies,ftp/smtp/pop3 credentials, network graphs and more from wireless networks
  • Tool: Pass-The-Hash Toolkit for Windows.
  • Paper: Modifying Windows NT Logon Credentials
  • Tool: Universal Hooker, To Instrument Programs using Python Scripts

Links to Other Blogs

  • Amplia Security Blog
  • Amplia Security
  • exploiting stuff blog
  • ret2libc
  • lapilitadegutes
  • Transwording.com
  • Cosas de JB
  • Google News
  • RSS Feed for this blog
  • Tomas Mono
  • The Broccoli Conspiracy
  • Radignorance
  • Juliano Rizzo's page
  • Tenuki's page

Labels

  • Security (11)