FireEye MPS JAR analyzer command execution

Added: 12/28/2015
BID: 78809


The FireEye Malware Protection System (MPS) detects and eliminates malware found on file shares, web downloads, and e-mail.


A vulnerability in the Java Archive analysis tool could allow command execution when the tool analyzes a specially crafted JAR file containing obfuscated strings.


Upgrade FireEye security content to version 427.334 or higher.



Exploit requires a user on the monitored network to download the exploit file, which leads to a shell connection to the FireEye system.

Exploit requires the jar utility to be installed on the SAINT host.
Back to exploit index