Exploit Pack| CANVAS
Description| Java IE Plugin "docparam" Overflow
Notes| CVE Name: CVE-2010-3552
This exploit can only be used from clientd.
Windows XP Professional SP3 EN under IE 8 updated
Windows XP Home SP3 EN with IE 7
Windows 7 Ultimate with IE 8
Windows Vista with IE 7
This exploit essentially works only under clientd. It does not work with HTTP MOSDEF as the shellcode can only be of limited size.
This exploit defeats DEP. We don't do a heap spray for this exploit; instead we use some clever anti-DEP techniques detailed in the exploit itself.
Other possible anti-DEP techniques include:
.NET 2.0 DLL
We do not currently do process recovery in this exploit.
VersionsAffected: Oracle Java 6 <= Update 21
Date public: 10/12/2010