Intrusion Prevention

Oracle.Java.Security.Slider.Feature.Bypass

Description

This indicates an attack attempt against a Security Bypass vulnerability in Oracle Java JRE.
The vulnerability is caused by a design weakness error when the vulnerability software is loading a serialized class via the applet tag object attribute. It allows a remote attacker to execute arbitrary Java code via an unsigned Java applet.

Affected Products

Oracle Java Development Kit (JDK) 7 update 10
Oracle Java Development Kit (JDK) 7 update 11
Oracle Java Runtime Environment (JRE) 7 update 11
Oracle Java Runtime Environment (JRE) 7 update 10

Impact

System Compromise: Remote attackers can execute arbitrary Java Code within the context of the vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html

CVE References

CVE-2013-1489