Intrusion PreventionOracle.Java.ServiceLoader.Exception.Handling.Sandbox.Bypass
Description
This indicates an attack attempt to exploit a Sandbox Bypass vulnerability in Oracle Java.
The vulnerability is due to an error when vulnerable module handles a crafted Java applet. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application via malicious crafted Java applet.
Affected Products
Oracle Java Runtime Environment (JRE) 5.0u61 and prior
Oracle Java Runtime Environment (JRE) 6u71 and prior
Oracle Java Runtime Environment (JRE) 7u51 and prior
Oracle Java Runtime Environment (JRE) 8
Oracle Java SE Embedded 7u51 and prior
Oracle JRockit R27.8.1 and prior
Oracle JRockit R28.3.1 and prior
Oracle Java Development Kit (JDK) 5.0u61 and prior
Oracle Java Development Kit (JDK) 6u71 and prior
Oracle Java Development Kit (JDK) 7u51 and prior
Oracle Java Development Kit (JDK) 8
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version available from the website.
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 38437 |
| Created | Jul 10, 2014 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2014-0457 |
| Exploit Prediction Score | 91.66% |
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | Oracle |