Home / malwarePDF  


First posted on 07 December 2019.
Source: Microsoft

Aliases :

There are no other names known for Exploit:Java/CVE-2010-0840.NV.

Explanation :

Exploit:Java/CVE-2010-0840.NV is an obfuscated Java class that exploits a vulnerability described in CVE-2010-0840. Successful exploitation may lead to the download and execution of arbitrary files within the user's security context. When a user visits a website that contains this malicious Java class using a computer that has a vulnerable version of Sun Java, security checks may be bypassed, which allows arbitrary code execution. Installation

Exploit:Java/CVE-2010-0840.NV is commonly stored or bundled within a JAR (Java archive) file and hosted on a compromised web page. In the wild, we have observed that the malicious Java class is bundled with other malicious Java class applets in a .JAR file, as in the following examples:


lit.class - detected as Exploit:Java/CVE-2010-0840.NV lei.class – detected as Exploit:Java/CVE-2011-3544.O sot.class – detected as Exploit:Java/CVE-2011-3544.O Payload

Downloads and executes arbitrary files

When a user visits a website that contains the malicious Java applet while using a computer with a vulnerable version of Java installed, as described in CVE-2010-0840, Exploit:Java/CVE-2010-0840.NV attempts to download and execute a file from a specified URL. 

Analysis by Patrick Estavillo  

Last update 07 December 2019