Nytro Posted December 4, 2011 Report Posted December 4, 2011 Cross-Platform Java Exploit (Cve-2011-3544) DemonstrationDescription: This video uses Armitage and Metasploit to demonstrate a new cross-platform Java exploit. This exploit uses a loophole in the Java API to execute a payload outside of Java's security sandbox without requiring a user to approve some action. This works in Firefox, Internet Explorer, and Safari on Windows, MacOS X, and presumably Linux. Java 1.6.0u27, Java 1.7.0, and older versions are vulnerable. Sursa: Cross-Platform Java Exploit (Cve-2011-3544) Demonstration Quote
