• Close
  • Back to search

    Sun Java Calendar Deserialization Privilege Escalation

    This module exploits a flaw in the deserialization of Calendar objects in the Sun JVM. The payload can be either a native payload which is generated as an executable and dropped/executed on the target or a shell from within the Java applet in the target browser. The affected Java versions are JDK and JRE 6 Update 10 and earlier, JDK and JRE 5.0 Update 16 and earlier, SDK and JRE 1.4.2_18 and earlier (SDK and JRE 1.3.1 are not affected).

    Free Metasploit Download

    Get your copy of the world's leading penetration testing tool

     Download Now

    Module Name

    exploit/multi/browser/java_calendar_deserialize

    Authors

    • sf <stephen_fewer [at] harmonysecurity.com>
    • hdm <x [at] hdm.io>

    References

    Targets

    • Generic (Java Payload)
    • Windows x86 (Native Payload)
    • Mac OS X PPC (Native Payload)
    • Mac OS X x86 (Native Payload)
    • Linux x86 (Native Payload)

    Platforms

    • linux
    • osx
    • solaris
    • windows
    • java

    Architectures

    • java
    • x86
    • ppc

    Reliability

    Development

    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use exploit/multi/browser/java_calendar_deserialize msf exploit(java_calendar_deserialize) > show targets ...targets... msf exploit(java_calendar_deserialize) > set TARGET <target-id> msf exploit(java_calendar_deserialize) > show options ...show and set options... msf exploit(java_calendar_deserialize) > exploit

    Related Vulnerabilities