Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:JAVA-UA-EXE-DL |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Executable File Downloaded by Java User Agent |
Release Date |
2013/01/18 |
Update Number |
2226 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Executable File Downloaded by Java User Agent
This signature detects a Microsoft executable file being downloaded by a web client using a Java User Agent string. This behavior has been identified as being common to many in-the-wild exploits targeting the recent Java 7 vulnerabilities. It is strongly recommended that you block this activity.
Extended Description
Per: http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html 'Note: JDK and JRE 6, 5.0 and 1.4.2, and Java SE Embedded JRE releases are not affected.'
Affected Products
- Oracle jdk 1.7.0
- Oracle jre 1.7.0
References
- CVE: CVE-2013-2472
- CVE: CVE-2012-3174
- CVE: CVE-2012-5088
- CVE: CVE-2012-4681
- CVE: CVE-2012-5076
- CVE: CVE-2013-0422
- CVE: CVE-2012-0507
- CVE: CVE-2013-1493
- CVE: CVE-2013-2460