Oracle has release an out-of-band patch, Java SE 7 Update 11, in order to patch the latest 0day, aka CVE-2013-0422, found massively exploited in the wild by kafeine. This update is done through an Oracle Security Alert regarding CVE-2013-0422. Oracle confirm that Java version 6, 5 and 4 are not vulnerables. As always Oracle mention that the vulnerabilities … Continue reading Java Version 7 Update 11 Patch Oracle CVE-2013-0422 0day
If you are working in computer security and still don’t have hear about the latest Oracle Java 0day, aka CVE-2013-0422, then you should change you job ! This last Oracle Java 0day was discovered massively exploited in exploit kits by @kafeine the 10th January. Other exploit kits have quickly add support of this new vulnerability, … Continue reading Gong Da / Gondad Exploit Pack Add Java CVE-2013-0422 support
Like other Exploit Kits, Gong Da has add support for Oracle Java CVE-2013-1493 vulnerability, fixed in Oracle Java 6 Update 17, has also add support for Microsoft Internet Explorer CVE-2012-4969 and CVE-2012-4792 vulnerabilities, fixed in an emergency patch in September 2012 and January 2013. Here is the new code for CVE-2013-1493. And here the new code for CVE-2012-4792 (aka … Continue reading Gong Da Exploit Kit Add Java CVE-2013-1493 & IE CVE-2012-4792 & IE CVE-2012-4969 Support
If you are working in computer security and still don’t have heard about the latest Adobe Flash 0days, aka CVE-2013-0633 and CVE-2013-0634, then you should change of job ! These vulnerabilities were found exploited in targeted attacks through spear phishing email messages targeting several industries including the aerospace one. One of the e-email attached Word document … Continue reading Gong Da / Gondad Exploit Pack Add Flash CVE-2013-0634 Support