Lucene search
Michael SchierlZDI-11-305HistoryOct 26, 2011 - 12:00 a.m.
Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
2011-10-2600:00:00
Michael Schierl
www.zerodayinitiative.com
127
EPSS
0.96
Percentile
99.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java handles Rhino Javascript errors. The built-in javascript engine in Java fails to perform sufficient sanitation on javascript error objects. The effect is that untrusted code can run in privileged context. This can result in remote code execution under the context of the current user.
Related
exploitdb
exploitdb
Java Applet Rhino Script Engine - Remote Code Execution (Metasploit)
2011-11-30 00:00:00
canvas
canvas
Immunity Canvas: JAVA_RHINO
2011-10-19 21:55:00
seebug
seebug
Oracle Java Applet Rhino่ๆฌๅผๆ่ฟ็จไปฃ็ ๆง่กๆผๆด
2011-12-01 00:00:00
Java Applet Rhino Script Engine Remote Code Execution
2014-07-01 00:00:00
IBM Rational AppScan 8.x/7.x ๅคไธชๅฎๅ
จๆผๆด
2012-06-16 00:00:00
thn
thn
Kaspersky finds Malware that resides in your RAM
2012-03-20 13:48:00
Office based Trojan threat for Mac OS X by Chinese hackers
2012-03-29 17:25:00
threatpost
threatpost
New Trojan For Mac Used In Attacks On Tibetan NGOs
2012-03-21 18:31:56
The Rise of Cross-Platform Malware
2012-08-24 14:57:16
nvd
nvd
CVE-2011-3544
2011-10-19 21:55:01
ubuntucve
ubuntucve
CVE-2011-3544
2011-10-19 00:00:00
attackerkb
attackerkb
CVE-2011-3544
2011-10-19 00:00:00
cisa_kev
cisa_kev
securityvulns
securityvulns
ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
2011-10-31 00:00:00
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
2011-11-11 00:00:00
Oracle Java multiple security vulnerabilities
2011-11-11 00:00:00
veracode
veracode
Authorization Bypass
2019-05-02 04:55:59
cve
cve
CVE-2011-3544
2011-10-19 21:55:01
checkpoint_advisories
checkpoint_advisories
Oracle Java Applet Rhino Script Engine Policy Bypass (CVE-2011-3544)
2012-03-19 00:00:00
prion
prion
Design/Logic Flaw
2011-10-19 21:55:00
cvelist
cvelist
CVE-2011-3544
2011-10-19 21:00:00
saint
saint
Oracle Java Rhino Script Engine Code Execution
2011-12-02 00:00:00
Oracle Java Rhino Script Engine Code Execution
2011-12-02 00:00:00
Oracle Java Rhino Script Engine Code Execution
2011-12-02 00:00:00
zdt
zdt
Java Applet Rhino Script Engine Remote Code Execution
2011-11-30 00:00:00
Java Applet Rhino Script Engine Remote Code Execution
2011-11-30 00:00:00
packetstorm
packetstorm
Java Applet Rhino Script Engine Remote Code Execution
2011-11-30 00:00:00
metasploit
metasploit
Java Applet Rhino Script Engine Remote Code Execution
2011-11-30 00:05:20
symantec
symantec
Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability
2011-10-18 00:00:00
fireeye
fireeye
openvas
openvas
Oracle Java SE Multiple Vulnerabilities - October 2011 (Windows02)
2011-11-15 00:00:00
Oracle Java SE 6, 7 Multiple Vulnerabilities (cpuoct2011) - Windows
2011-11-15 00:00:00
Ubuntu: Security Advisory (USN-1263-2)
2012-01-25 00:00:00
debian
debian
[SECURITY] [DSA 2356-1] openjdk-6 security update
2011-12-01 20:33:15
[SECURITY] [DSA 2358-1] openjdk-6 security update
2011-12-05 19:26:27
nessus
nessus
Debian DSA-2356-1 : openjdk-6 - several vulnerabilities (BEAST)
2011-12-02 00:00:00
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2011-10) (BEAST)
2013-09-04 00:00:00
RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2011:1380)
2011-10-19 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: java-1.7.0-openjdk-1.7.0.1-2.0.2.fc16
2011-11-10 17:36:54
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-60.1.10.4.fc16
2011-11-05 01:27:14
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.5.fc16
2012-10-18 00:30:15
centos
centos
java security update
2011-10-19 21:07:19
amazon
amazon
Critical: java-1.6.0-openjdk
2011-10-31 18:22:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-10-18 00:00:00
redhat
redhat
(RHSA-2011:1380) Critical: java-1.6.0-openjdk security update
2011-10-18 00:00:00
(RHSA-2012:0034) Critical: java-1.6.0-ibm security update
2012-01-18 00:00:00
(RHSA-2011:1384) Critical: java-1.6.0-sun security update
2011-10-19 00:00:00
osv
osv
openjdk-6 - several
2011-12-01 00:00:00
openjdk-6 - several
2011-12-05 00:00:00
ubuntu
ubuntu
IcedTea-Web, OpenJDK 6 vulnerabilities
2011-11-16 00:00:00
OpenJDK 6 regression
2012-01-24 00:00:00
suse
suse
Security update for IBM Java (important)
2012-01-23 17:08:23
Security update for IBM Java 1.6.0 (important)
2012-03-06 21:08:29
ibm
ibm
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:01:55
securelist
securelist
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00