FILE-JAVA -- Snort has detected traffic targeting vulnerabilities that are exploited in java files such as .class or .jar.
FILE-JAVA Oracle Java AtomicReferenceFieldUpdater remote code execution attempt
This rule looks for an attempt to exploit a missing primitive type check in Java's AtomicReferenceFieldUpdater. This could allow an untrusted Java application or applet to cause memory corruption and or bypass the Java sandbox. Affected versions are listed as 5.0u65, 6u75, 7u60, and 8u5.
This event is generated when an attempt to exploit a missing type check in CVE-2014-4262 against Oracle Java.
No public information
No known false positives
Cisco Talos Intelligence Group
Tactic: Execution
Technique: Exploitation for Client Execution
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
Memory Corruption
Memory Corruption is any vulnerability that allows the modification of the content of memory locations in a way not intended by the developer. Memory corruption results are inconsistent; they could lead to fatal errors and system crashes or data leakage; some have no effect at all.
CVE-2014-4262Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
|
|||||||||||||||||||||||||
©2021 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
Privacy Policy | Snort License | FAQ | Sitemap
