Lucene search
Sami KoivuZDI-11-083HistoryFeb 15, 2011 - 12:00 a.m.
Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
2011-02-1500:00:00
Sami Koivu
www.zerodayinitiative.com
18
0.013 Low
EPSS
Percentile
85.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system clipboard hijacking. When in focus, a handle to the system clipboard can be retrieved without user interaction by a malicious component. The clipboard can then be arbitrarily read from or written to. By writing a TransferableProxy object to the system clipboard and then forcing a paste action, arbitrary code can be executed under the context of the user invoking the JRE.
Related
securityvulns
securityvulns
ZDI-11-083: Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
2011-02-17 00:00:00
Oracle Java multiple security vulnerabilities / OpenJDK
2011-02-17 00:00:00
cve
cve
CVE-2010-4465
2011-02-17 19:00:01
ubuntucve
ubuntucve
CVE-2010-4465
2011-02-17 00:00:00
cvelist
cvelist
CVE-2010-4465
2011-02-17 18:31:00
nvd
nvd
CVE-2010-4465
2011-02-17 19:00:01
seebug
seebug
Oracle Java Appletεͺθ΄΄ζΏζ³¨ε
₯θΏη¨δ»£η ζ§θ‘ζΌζ΄
2011-12-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:57:56
prion
prion
Code injection
2011-02-17 19:00:00
nessus
nessus
CentOS 5 : java-1.6.0-openjdk (CESA-2011:0281)
2011-04-15 00:00:00
Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2011-0281)
2013-07-12 00:00:00
RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2011:0281)
2011-02-18 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2011-0281)
2015-10-06 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2011:0281-01
2011-02-18 00:00:00
CentOS Update for java CESA-2011:0281 centos5 i386
2011-08-09 00:00:00
redhat
redhat
(RHSA-2011:0281) Important: java-1.6.0-openjdk security update
2011-02-17 00:00:00
(RHSA-2011:0490) Critical: java-1.4.2-ibm security update
2011-05-05 00:00:00
(RHSA-2011:0870) Moderate: java-1.4.2-ibm-sap security update
2011-06-15 00:00:00
centos
centos
java security update
2011-04-14 14:33:37
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-02-17 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2011-03-17 00:00:00
OpenJDK 6 vulnerabilities
2011-03-15 00:00:00
OpenJDK 6 vulnerabilities
2011-03-01 00:00:00
debian
debian
[SECURITY] [DSA 2224-1] openjdk-6 security update
2011-04-20 20:19:48
osv
osv
openjdk-6 - several
2011-04-20 00:00:00
suse
suse
remote code execution in java-1_4_2-ibm
2011-05-13 13:10:27
Security update for IBM Java 1.4.2 (important)
2011-07-22 05:08:11
remote code execution in java-1_6_0-ibm,java-1_5_0-ibm,java-1_4_2-ibm
2011-03-22 13:32:34
fedora
fedora
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-52.1.9.7.fc14
2011-02-16 19:20:33
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-50.1.8.7.fc13
2011-02-16 19:17:23
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-51.1.8.8.fc13
2011-06-15 05:33:46
vmware
vmware
oracle
oracle
cpuapr2011
2011-04-19 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00