FILE-JAVA -- Snort has detected traffic targeting vulnerabilities that are exploited in java files such as .class or .jar.
FILE-JAVA Oracle Java AtomicReferenceFieldUpdater remote code execution attempt
This rule looks for an attempt to exploit a missing primitive type check in Java's AtomicReferenceFieldUpdater. This could allow an untrusted Java application or applet to cause memory corruption and or bypass the Java sandbox. Affected versions are listed as 5.0u65, 6u75, 7u60, and 8u5.
This event is generated when an attempt to exploit a missing type check in CVE-2014-4262 against Oracle Java.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Memory Corruption
Memory Corruption is any vulnerability that allows the modification of the content of memory locations in a way not intended by the developer. Memory corruption results are inconsistent; they could lead to fatal errors and system crashes or data leakage; some have no effect at all.
CVE-2014-4262 |
Loading description
|
Tactic: Execution
Technique: Exploitation for Client Execution
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org