Threat Encyclopedia

Home > Threat Center > Threat Encyclopedia

Selected viruses, spyware, and other threats: sorted alphabetically

O
P
Q
R
S
T
U
V
W
X
Y
Z
Glossary

JS/Exploit.JavaDepKit.A

Aliases:	Exploit.Java.CVE-2010-0886.a (Kaspersky), Exploit-JavaWS trojan (McAfee) , Bloodhound.Exploit.292 (Symantec),
Type of infiltration:	Trojan
Size:	Variable
Affected platforms:	Microsoft Windows
Signature database version:	5024 (20100413)

Short description

JS/Exploit.JavaDepKit.A is the detection name for the exploit code against a vulnerability in the Java Deployment Toolkit. By luring victims to a specially crafted web page, an attacker can exploit the vulnerability to execute arbitrary code in the context of the logged on user.

Other information

The exploit code is written in JavaScript and uses a Java Deployment Toolkit object to download and launch arbitrary Java code.

It exploits the CVE-2010-1423 vulnerability.

Microsoft Windows systems with Java versions 6, Update 10 up to 6, Update 19 installed are vulnerable.

Java 6 Update 20, released 15.04.2010 by Oracle, included a fix for this issue.

All Products:

Cart About ESET Partners United States and Canada

© 2012 ESET North America. All rights reserved. Trademarks used herein are trademarks or registered trademarks of ESET spol. s r.o. or ESET North America.
All other names and brands are registered trademarks of their respective companies.