This Metasploit module exploits a vulnerability in the Java Runtime Environment that allows to deserialize a MarshalledObject containing a custom classloader under a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23.
794bc0df6a31b6015ac507f6ae51c92a8feb0bd854850ae26fc69aa5ce976097