History: Oct 28, 2010 - 12:00 a.m.

Immunity Canvas: FIREFOX_APPENDCHILD

2010-10-28 00:00:00
Immunity Canvas
exploitlist.immunityinc.com
35

EPSS: 0.969
Percentile: 99.8%

Name: firefox_appendchild
CVE: CVE-2010-3765 Exploit Pack
VENDOR: Mozilla
Notes: Interleaving document.write and appendChild can lead to duplicate text
frames and overrunning of text run buffers.

This exploit can only be used from clientd.

Tested on:
Windows XP SP3 ENG with Firefox 3.6.11.

JavaScript Obfuscated.

We do not currently do process recovery in this exploit.

VersionsAffected: Firefox <=3.6.11
Repeatability: Infinite
References: ['https://bugzilla.mozilla.org/show_bug.cgi?id=607222']
Date public: 10/26/2010