Java Atomic Reference Array Type Violation Vulnerability

March 30, 2012 in Exploits, Videos

Java AtomicReferenceArray Type Violation Vulnerability
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use.
This Metasploit module exploits a vulnerability due to the fact that AtomicReferenceArray uses the Unsafe class to store a reference in an array directly, which may violate type safety if not used properly. This allows a way to escape the JRE sandbox, and load additional classes in order to perform malicious operations.
Exploit-DB updates
View Source

Comments are closed.