Wilders Security Forums  

Go Back   Wilders Security Forums > Other Security Topics > malware problems & news
Reload this Page Blackhole, CVE-2012-0507 and Carberp
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old March 30th, 2012, 05:06 PM
ronjor's Avatar
ronjor ronjor is offline
Global Moderator
  
Join Date: Jul 2003
Location: Texas
Posts: 46,364
Default Blackhole, CVE-2012-0507 and Carberp
Quote:
by David Harley Senior Research Fellow

This week Blackhole has been updated to version 1.2.3 and includes a new exploit for the Java CVE-2012-0507 vulnerability, which ESET calls Java/Exploit.CVE-2012-0507. Earlier this week information was published about the Blackhole update by French malware researcher Xylitol and last week Microsoft shared information about an interesting way of breaching the JRE (Java Runtime Environment) sandbox.

The first information about a working exploit for CVE-2012-0507 was released by the company Immunity with reference to the 7.03.2012 product update of Immunity CANVAS Modules. The first In-the-Wild detections were recognized during the week beginning on March 12, 2012. The CVE-2012-0507 vulnerability was remediated on February 15 as part of a critical patch update advisory. Today a public module for Metasploit Framework was released, working on a range of platforms: Windows, Linux, Solaris and OSX. The Metasploit module for exploitation of CVE-2012-0507 looks the same as the exploit version seen in the updated Blackhole version.
http://blog.eset.com/2012/03/30/blac...07-and-carberp
  #2  
Old March 30th, 2012, 05:26 PM
Triple Helix's Avatar
Triple Helix Triple Helix is offline
Prevx Forum Helper
  
Join Date: Nov 2004
Location: Oshawa, Ontario
Posts: 9,634
Default Re: Blackhole, CVE-2012-0507 and Carberp
Thanks Ron!

TH
__________________
Triple Helix - Microsoft® MVP Consumer Security 2012/14

VIP Member Of ASAP - (Alliance of Security Analysis Professionals™)

Webroot® SecureAnywhere™ Complete 2013 Closed Beta Tester v8.0.2.155 - VoodooShield 1.08 - Windows 7 Ultimate 64bit and all Windows OS's from XP to Win 8 on VM's.
  #3  
Old March 30th, 2012, 06:57 PM
Hungry Man's Avatar
Hungry Man Hungry Man is offline
Incredibly Massive Poster
  
Join Date: May 2011
Posts: 8,519
Default Re: Blackhole, CVE-2012-0507 and Carberp
Multiplatform exploit - super.

I don't have Java installed actually on my Linux though. Anyone who does can just enable the apparmor profile.
__________________
  #4  
Old March 30th, 2012, 11:41 PM
G1111's Avatar
G1111 G1111 is offline
Very Frequent Poster
  
Join Date: May 2005
Location: USA
Posts: 1,732
Default Re: Blackhole, CVE-2012-0507 and Carberp
Thanks for the article Ron.
 

Wilders Security Forums > Other Security Topics > malware problems & news « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 11:41 PM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums