JS/Exploit.JavaDepKit [Threat Name] go to Threat

JS/Exploit.JavaDepKit.A [Threat Variant Name]

Category trojan
Aliases Exploit.Java.CVE-2010-0886.a (Kaspersky)
  Exploit-JavaWS.trojan (McAfee)
  Bloodhound.Exploit.292 (Symantec)
Short description

JS/Exploit.JavaDepKit.A is the detection name for the exploit code against a vulnerability in the Java Deployment Toolkit . By luring victims to a specially crafted web page, an attacker can exploit the vulnerability to execute arbitrary code in the context of the logged on user.

Other information

The exploit code is written in JavaScript and uses a Java Deployment Toolkit object to download and launch arbitrary Java code.


It exploits the CVE-2010-1423 vulnerability.


Microsoft Windows systems with Java versions 6, Update 10 up to 6, Update 19 installed are vulnerable.


Java 6 Update 20 , released 15.04.2010 by Oracle , included a fix for this issue.


Please enable Javascript to ensure correct displaying of this content and refresh this page.