Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
Send us feedback
Thank you for your feedback
We couldn't find the malware. Try searching for the malware you’ve encountered. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
We couldn't find the malware. We’ve returned search results instead. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
Java/CVE-2010-0094 is a family of malicious Java applets stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system outside its "sandbox" environment. It is discussed in CVE-2010-0094.
Java/CVE-2010-0094 is a family of malicious Java applets stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system outside its "sandbox" environment. It is discussed in CVE-2010-0094.
Exploit:Java/CVE-2010-0094.DH is a Java based vulnerability which affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive. The vulnerability makes it possible for untrusted code to gain full privileges at the level of the user's browser security scope.
Java/CVE-2010-0094.BL is a Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system outside its "sandbox" environment. It is discussed in CVE-2010-0094.
If you visit a website containing the malicious code while using a vulnerable version of Java, Exploit:Java/CVE-2010-0094.BL is loaded. It then attempts to download and execute files from a remote host/URL. The files that are downloaded and executed could be any of the attacker's choice and could include additional malware.
Exploit:Java/CVE-2010-0094.DB is a Java based malware that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive, and makes it possible for untrusted code to gain the user's security context privileges.
Exploit:Java/CVE-2010-0094.N is the detection for files that exploit a vulnerability which affects the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
The vulnerability can be exploited by malware to gain access to a user's computer to download and install malicious programs. The malware installation may occur when a malicious Java applet is executed by a vulnerable JRE. This scenario can occur when a user visits a malicious webpage that hosts such an applet. Note that a number of legitimate websites could be compromised or unwillingly host a malicious applet through advertising frames which could redirect to or host a malicious Java applet.
Exploit:Java/CVE-2010-0094.T is the detection for files that exploit a vulnerability which affects the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
Exploit:Java/CVE-2010-0094.AA is the detection for malicious Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
Exploit:Java/CVE-2010-0094.AX is a Java-based malware that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive, and makes it possible for untrusted code to gain full privileges at the level of the user's browser security scope.
Exploit:Java/CVE-2010-0094.BC is a Java based malware that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive and makes it possible for untrusted code to gain full privileges at the level of the user's browser security scope.
Exploit:Java/CVE-2010-0094.DF is the detection for malicious Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system outside its "sandbox" environment. It is discussed in CVE-2010-0094.
Exploit:Java/CVE-2010-0094.A is the detection for files that exploit a vulnerability which affects the Java Runtime Environment(JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sand box" environment.
The vulnerability can be exploited by malware to gain access to a user's computer to download and install malicious programs. The malware installation may occur when a malicious Java applet is executed by a vulnerable JRE. This scenario can occur when a user visits a malicious webpage that hosts such an applet. Note that a number of legitimate websites could be compromised or unwillingly host a malicious applet through advertising frames which could redirect to or host a malicious Java applet.
Exploit:Java/CVE-2010-0094.D is a java based vulnerability which affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive. The vulnerability makes it possible for untrusted code to gain full privileges at the user's browser security scope.
Exploit:Java/CVE-2010-0094.AF is a Java based vulnerability which affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive. The vulnerability makes it possible for untrusted code to gain full privileges at the level of the user's browser security scope.
Exploit:Java/CVE-2010-0094.BA is the detection for malicious Java applet stored within a Java Archive (.JAR) that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6 update 18. The vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have unrestricted access to a host system, outside its "sandbox" environment.
In the wild, Exploit:Java/CVE-2010-0094.BA has been observed to be distributed with other malware, such as Trojan:Java/Rowindal.D.
Exploit:Java/CVE-2010-0094.BG is a Java based malware that exploits a vulnerability discussed in CVE-2010-0094. The vulnerability affects Java Runtime Environment (JRE) up to version 6 release 18 inclusive, and makes it possible for untrusted code to gain the user's security context privileges outside the sandbox environment.
Exploit:Java/CVE-2010-0094.BI is a variant of the Exploit:Java/CVE-2010-0094 family - a family of malicious Java applets that exploit a vulnerability in the Java Runtime Environment (JRE) up to and including version 6, update 18 (described in CVE-2010-0094).
The unsigned Java applet, detected as Exploit:Java/CVE-2010-0094.BI, will attempt to trigger the CVE-2010-0094 vulnerability and run its downloader class with elevated privileges, detected as Trojan:Java/Rowindal.D, to download and run malware on your computer.
For an explanation of signed and unsigned Java applets, Java classes and elevated privileges, please see the Additional information section in this entry.