HTTP: Oracle Java Security Slider Feature Bypass

This signature detects attempts to exploit a known vulnerability against Oracle Java Security. A successful attack can allow attackers to perform security restriction bypass.

Extended Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability.

References

CVE: CVE-2013-1489

Short Name
HTTP:STC:JAVA:SEC-SLIDER-BYPASS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Bypass CVE-2013-1489 Feature Java Oracle Security Slider
Release Date
02/28/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3650
False Positive
Unknown
CVSS Score

10.0

Found a potential security threat?