First posted on 04 April 2020.
Exploit:Java/CVE-2011-3544.gen!C is also known as EXP/CVE-2011-3544, Exploit.CVE2011-3544.2, Exploit.Java.CVE-2011-3544.k, JV/MailSend, Mal/20113544-A, Trojan.Maljava.
Exploit:Java/CVE-2011-3544.gen!C is a generic detection for a malicious Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in a Java Runtime Environment (JRE) component in Oracle Java SE JDK and JRE 7, and 6 Update 27 and earlier. The vulnerability, discussed in CVE-2011-3544, allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to run arbitrary Java code outside of the "sandbox" environment.
The malicious JAR file is usually packaged with at least two Java applets: "morale.class" and a randomly named class, such as "m.class", "n.class", or "k.class".
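A triage heuristic for the JAR layout described above, as an added example that is not part of the original analysis: it reads only the archive's entry names and flags a JAR that contains "morale.class" alongside a single-letter class. The single-letter pattern, the function names and the sample archives are assumptions constructed for illustration; a match is a reason to look closer, not a detection.

```python
import io
import re
import zipfile
from pathlib import PurePosixPath

# Names taken from the description above; the single-letter pattern is an
# assumption generalising the "m.class", "n.class", "k.class" examples.
KNOWN_CLASS = "morale.class"
SHORT_CLASS = re.compile(r"^[a-z]\.class$", re.IGNORECASE)


def triage_jar(data: bytes) -> dict:
    """Inspect a JAR's entry names only; nothing inside it is loaded or run."""
    result = {"valid_zip": True, "classes": [], "has_morale": False,
              "short_classes": [], "suspicious": False}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as jar:
            names = jar.namelist()
    except zipfile.BadZipFile:
        result["valid_zip"] = False
        return result
    for name in names:
        base = PurePosixPath(name).name
        if not base.lower().endswith(".class"):
            continue
        result["classes"].append(name)
        if base.lower() == KNOWN_CLASS:
            result["has_morale"] = True
        elif SHORT_CLASS.match(base):
            result["short_classes"].append(name)
    # Flag only when both halves of the described layout are present.
    result["suspicious"] = result["has_morale"] and bool(result["short_classes"])
    return result


def build_sample_jar(entries: list[str]) -> bytes:
    """Build a constructed sample JAR in memory with empty placeholder entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        for name in entries:
            jar.writestr(name, b"")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed samples: entry names only, no real class bytes.
    flagged = build_sample_jar(["META-INF/MANIFEST.MF", "morale.class", "k.class"])
    benign = build_sample_jar(["META-INF/MANIFEST.MF", "com/example/App.class"])
    for label, blob in (("flagged", flagged), ("benign", benign)):
        print(label, triage_jar(blob))
```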
Downloads arbitrary files
Exploit:Java/CVE-2011-3544.gen!C is used in drive-by download attacks. Any web browser with a vulnerable Java version may be exposed to malicious code intentionally designed to download and install arbitrary files, often malware. This exploit may attempt to download a file from a URL that is specified within the exploit code, or from the web page that loads the exploit.
Analysis by Rex Plantado
Last update 04 April 2020