This Metasploit module exploits a code execution vulnerability in Mozilla Firefox caused by interleaved calls to document.write and appendChild. This exploit is a metasploit port of the in-the-wild exploit.
843b760650dc1cd9d6f9a955b96d33b37fdcdd2f3d930a4d123bada5cd1bffd1Debian Linux Security Advisory 2124-1 - Several vulnerabilities have been discovered in Xulrunner, the component that provides the core functionality of Iceweasel, Debian's variant of Mozilla's browser technology.
63d61427844f29c8b6e7dc2bb27976f5d4dd7c9f8fd7a49ed4c6645fc811806cMandriva Linux Security Advisory 2010-219 - Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in October 2010 by the Belmoo malware.
9b70dec8d866610bd7ce7df037c81c52319f063903cb26ecf3ca4fd6e63ffa76Ubuntu Security Notice 1011-3 - USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Xulrunner. Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program.
ea538fb7a396cad06d7b022df27a6427f3c3f3de5e776aa2b925db67faeff274This is a simplified memory corruption proof of concept exploit for Firefox.
84f1b73f392b7d5cac24e6fbbd2c87adfae94e7b77462a12739e5959d7c4e4e3Ubuntu Security Notice 1011-2 - USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Thunderbird. Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program.
80c141f74cebc113235f042dfb7cd7ed50aca7352fc34b58fdc7627cb6a710b2Mandriva Linux Security Advisory 2010-213 - Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in October 2010 by the Belmoo malware.
4cdfd6730622b7459b8ae41be37d6808924aa067a1e95a69d2c972df23792f1fUbuntu Security Notice 1011-1 - Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program.
c70c8634f7e5edd3db3ec6d893a08c59c2cd9c43a4e312f5589af964fa419897Firefox Interleaving document.write and appendChild denial of service exploit.
a43b05010abfc8a21721223d7f181abcebccf2f3c2f17bf1541dcc9a4be55167
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed