HTTP: Unsafe Java DTK ActiveX Control
This signature detects use of an unsafe ActiveX control for Java DTK. This control is being actively exploited by the "Blackhole" Trojan and similar malware and should not be used.
Extended Description
Oracle Java SE is prone to a remote code execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Hotspot' sub-component. This vulnerability affects the following supported versions: 7 Update 4, 6 Update 32, 5 Update 35, 1.4.2_37
Affected Products
Hitachi ucosminexus_developer_professional
Short Name
HTTP:STC:ACTIVEX:JAVA-DTK
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2012-1723 CVE-2013-2416 Control DTK Java Unsafe bid:53960
Release Date
01/22/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Red_hat
Suse
Apple
Sun
Avaya
Oracle
Hitachi
Ubuntu
Mandriva
Debian
CVSS Score
10.0
4.3