Intrusion Prevention

Oracle.Java.MethodHandles.Lookup.Remote.Code.Execution

Description

This indicates an attack attempt against a remote Code Execution vulnerability in Oracle Java Runtime Environment.
The vulnerability is caused by an error when the software handles specially crafted jar file. It allows a remote attacker to write and execute files on a victim's computer.

Affected Products

Sun JRE 1.7.0_4
Sun JRE 1.7.0_2
Sun JRE 1.7
Sun JDK 1.7.0_4
Sun JDK 1.7.0_2
Sun JDK 1.7

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html

CVE References

CVE-2012-5088