View Full Version : Java Applet Rhino Script Engine Remote Code Execution

Java-monitor RSS bot
01-12-2011, 14:24
This Metasploit module exploits a vulnerability in the Rhino Script Engine that can be used by a Java Applet to run arbitrary Java code outside of the sandbox. The vulnerability affects version 7 and version 6 update 27 and earlier, and should work on any browser that supports Java (for example: IE, Firefox, Google Chrome, etc).

More... (http://packetstormsecurity.org/files/107407/java_rhino.rb.txt)