|
|||
Rule General Information |
---|
Release Date: | 2016-05-19 | |
Rule Name: | WEB-OTHER Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow -1 (CVE-2010-3552) (Ransomware Attack Vector) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | A code execution vulnerability has been reported in Oracle Java. The vulnerability is contained in the Java plugin handler for Internet Explorer, JP2IEXP.dll. While parsing the parameter docbase, the value is copied into a fixed length buffer on the stack without validation. This can lead to a stack buffer overflow. | |
Impact: | Remote code execution | |
Affected OS: | Windows | |
Reference: | CVE-2010-3552 msf |
|
Solutions |
---|
Update vendor's patch. |