In our continuing mission to equip security professionals against today’s advanced cyber threats, FireEye has published a free technical report, “A Daily Grind: Filtering Java Vulnerabilities." The report outlines the three most commonly exploited Java vulnerabilities and maps out the step-by-step infection flow of exploits kits that leverage them.
- CVE-2012-0507: is due to the improper implementation of AtomicReferenceArray() leading to the type confusion vulnerability.
- CVE-2013-2465: which involves insufficient bounds checks in the storeImageArray() function. This vulnerability is used by White Lotus and other exploit kits.
- CVE-2012-1723: which allows attackers to bypass sandbox using type confusion vulnerability.
These vulnerabilities are also being used in targeted attacks. Our report explains Java exploits’ three most common behaviors: usage of reflection to hide the function call, functional and data obfuscation and behavior to download the malicious files. Download the paper to learn more.