FILE-JAVA -- Snort has detected traffic targeting vulnerabilities that are exploited in java files such as .class or .jar.
FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt
This event is generated when an integer overflow attempt is detected in a Java JAR archive file targeting the IntegerInterleavedRaster field. This is related to CVE-2013-2471
This rule triggers on an attempt to exploit the IntegerInterleavedRaster field in Oracle Java archives.
No public information
No known false positives
Cisco Talos Intelligence Group
Tactic: Execution
Technique: Exploitation for Client Execution
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
Memory Corruption
Memory Corruption is any vulnerability that allows the modification of the content of memory locations in a way not intended by the developer. Memory corruption results are inconsistent; they could lead to fatal errors and system crashes or data leakage; some have no effect at all.
CVE-2013-2460Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component. |
|
|||||||||||||||||||||||||
CVE-2013-2471Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks." |
|
|||||||||||||||||||||||||
CVE-2013-2473Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. |
|
|||||||||||||||||||||||||
CVE-2014-4262Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
|
|||||||||||||||||||||||||
©2022 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
