Intrusion Prevention

GIFAR.Image.CSRF

Description

This indicates an attempt to exploit a cross-site request forgery vulnerability in the Java VM.
The vulnerability arises when a malicious JAR file is combined with a GIF file. The browser may interpret the file as a GIF and trust its content, while the Java VM recognizes the JAR part and automatically runs it.
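
An added example, not part of the original advisory or of any vendor's signature logic: a server-side upload check that flags a file carrying both a GIF header and a readable JAR/ZIP archive. The function names, the category labels and the constructed sample bytes are assumptions made for illustration.

```python
import io
import zipfile

GIF_MAGICS = (b"GIF87a", b"GIF89a")
ZIP_EOCD = b"PK\x05\x06"  # ZIP end-of-central-directory signature

# Constructed sample: a minimal 1x1 GIF.
SAMPLE_GIF = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff"
              b"!\xf9\x04\x01\x00\x00\x00\x00,\x00\x00\x00\x00\x01\x00\x01\x00"
              b"\x00\x02\x02D\x01\x00;")


def classify_upload(data: bytes) -> str:
    """Classify an upload as 'not-gif', 'gif', 'gif+zip' or 'gifar'."""
    if not data.startswith(GIF_MAGICS):
        return "not-gif"
    # ZIP/JAR readers find the archive through a record near the END of the
    # file, so a valid GIF header in front does not stop the JAR being read.
    if ZIP_EOCD not in data:
        return "gif"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            names = archive.namelist()
    except (zipfile.BadZipFile, ValueError, OSError):
        return "gif"  # signature bytes present, but no parseable archive
    jar_like = any(n.upper().startswith("META-INF/") or n.lower().endswith(".class")
                   for n in names)
    return "gifar" if jar_like else "gif+zip"


def sample_archive(entry: str = "META-INF/MANIFEST.MF") -> bytes:
    """Constructed archive with one small text entry; it carries no code."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(entry, "Manifest-Version: 1.0\r\n")
    return buf.getvalue()


if __name__ == "__main__":
    for label, blob in (("plain GIF", SAMPLE_GIF),
                        ("GIF with appended archive", SAMPLE_GIF + sample_archive())):
        print(label, "->", classify_upload(blob))
```

A site that accepts image uploads can reject anything other than `gif` from this check before storing or serving the file.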

Affected Products

Social sites like Facebook and Myspace are particularly at risk, as is any site that requires users to log in.

Impact

System Compromise: remote attackers can exploit Cross-site request forgery.

Recommended Actions

Do not install the Java VM.
Do not browse untrusted sites.
Refer to Sun's web site for a suggested workaround.