Author Topic: CVE-2010-0094-H flagged in .class file (Read 1514 times)

REDACTED · « **on:** December 27, 2017, 12:45:04 PM »

Hi,

I'm using practically same versions of two .class files, but Avast flags one of them with CVE-2010-0094-H virus. Does anyone know why. If yes, is there any known solution for this.

Thanks

Pondus · « **Reply #1 on:** December 27, 2017, 01:05:32 PM »

it is not a virus but a vulnerability exploit

CVE mitre have list of all exploits, 2010 tell you that is is from the year 2010

CVE-2010-0094 >> http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0094

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Java/CVE-2010-0094

Quote

I'm using practically same versions of two .class files

one is fixed/patched the other not, or fake doing the exploit?

Upload and check file(s) at www.virustotal.com
post links to scan results here

REDACTED · « **Reply #2 on:** December 27, 2017, 01:18:44 PM »

Thanks for the reply.

Reason why I write 'practically' because, the only difference between the files is a return statement returning false in the v1 file and returning true in the v2 file. I'm confused on why only v2 file is being flagged as vulnerability.

@pondus, do you know of any solution/workaround for this?

Pondus · « **Reply #3 on:** December 27, 2017, 01:29:52 PM »

Quote

@pondus, do you know of any solution/workaround for this?

Reading the info at CVE.mitre it seems to be related to java update

Test the two files at www.virustotal.com and post links to scan result here

Author Topic: CVE-2010-0094-H flagged in .class file (Read 1514 times)

REDACTED

CVE-2010-0094-H flagged in .class file

Pondus

Re: CVE-2010-0094-H flagged in .class file

REDACTED

Re: CVE-2010-0094-H flagged in .class file

Pondus

Re: CVE-2010-0094-H flagged in .class file