CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2014/11/25 12:0 a.m.•35 views

Mozilla Firefox 3.6 mChannel Use-After-Free

Title: Firefox 3.6 Universal function exploit var foo=document.getElementById"exploit"; e.QueryInterfaceComponents.interfaces.nsIChannelEventSink.onChannelRedirectnull,new Object,0; var vftable = unescape"\x00% u0c10"; var shellcode =...

10CVSS0.2AI score0.83259EPSS

seebug.org•added 2014/08/08 12:0 a.m.•12 views

Mozilla Firefox 3.6.16 mChannel Use-After-Free漏洞

漏洞分析此漏洞是由于Mozilla Firefox的xul.dll在处理mChannel标签时，在OnChannelRedirect中对mChannel对象进行创建，但在随后调用Release释放，在释放对象过后没有对该指针进行标记，从而导致在随后的调用用中引用mChannel标签时，由于指针已经被释放，导致call地址不可读，从而引发漏洞，下面对此漏洞进行详细分析。首先打开PoC，火狐浏览器崩溃，附加调试器，到达漏洞现场。 858.85c: Access violation - code c0000005 first chance First chance exceptions a...

Exploit DB•added 2012/01/17 12:0 a.m.•43 views

Mozilla Firefox 3.6.16 (OSX) - mChannel Use-After-Free (Metasploit) (2)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::FF,...

7AI score

0day.today•added 2012/01/17 12:0 a.m.•14 views

Mozilla Firefox 3.6.16 mChannel use after free vulnerability

Exploit for macOS platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7AI score

Saint•added 2011/08/22 12:0 a.m.•27 views

Mozilla Firefox OBJECT mChannel Use-After-Free

Added: 08/22/2011 CVE: CVE-2011-0065 BID: 47659 OSVDB: 72085 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A use-after-free vulnerability allows command execution when a user loads a specially crafted web page that causes...

10CVSS9.7AI score0.83259EPSS

Exploit DB•added 2011/08/16 12:0 a.m.•46 views

Mozilla Firefox 3.6.16 (Windows 7) - mChannel Object Use-After-Free

Mozilla mChannel Object use after free - Found by regenrecht - MSF exploit by Rh0 - Win 7 fun version by mrme function trigger alert'ready?'; fakeobject = document.getElementById"d"; // allocate the object fakeobject.QueryInterfaceComponents.interfaces.nsIChannelEventSink; // append to the object...

7.4AI score

Packet Storm•added 2011/08/10 12:0 a.m.•47 views

Mozilla Firefox 3.6.16 mChannel Use After Free

$Id: mozillamchannel.rb 13507 2011-08-10 05:58:02Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

10CVSS0.1AI score0.83259EPSS

seebug.org•added 2011/08/10 12:0 a.m.•20 views

Mozilla Firefox 3.6.16 mChannel use after free vulnerability

No description provided by source. $Id: mozillamchannel.rb 13507 2011-08-10 05:58:02Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

0day.today•added 2011/08/10 12:0 a.m.•11 views

Mozilla Firefox 3.6.16 mChannel use after free vulnerability

Exploit for windows platform in category remote exploits $Id: mozillamchannel.rb 13507 2011-08-10 05:58:02Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...

seebug.org•added 2011/08/06 12:0 a.m.•14 views

Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass)

No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking This module acts as an HTTP server include Msf::Exploit::Remote::HttpServer::HTML include Msf::Exploit::Remote::BrowserAutopwn autopwninfo :uaname = HttpClients::FF, :uaminver =...

exploitpack•added 2011/08/05 12:0 a.m.•15 views

Mozilla Firefox 3.6.16 - OBJECT mChannel Remote Code Execution (DEP Bypass) (Metasploit)

Mozilla Firefox 3.6.16 - OBJECT mChannel Remote Code Execution DEP Bypass Metasploit require 'msf/core' class Metasploit3 HttpClients::FF, :uaminver = "3.6.16", :uamaxver = "3.6.16", :osname = OperatingSystems::WINDOWS, :javascript = true, :rank = NormalRanking, def initializeinfo =...

Packet Storm•added 2011/08/05 12:0 a.m.•35 views

Mozilla Firefox 3.6.16 mChannel Use After Free Exploit

require 'msf/core' class Metasploit3 HttpClients::FF, :uaminver = "3.6.16", :uamaxver = "3.6.16", :osname = OperatingSystems::WINDOWS, :javascript = true, :rank = NormalRanking, def initializeinfo = superupdateinfoinfo, 'Name' = 'Mozilla Firefox 3.6.16 mChannel use after free Exploit',...

10CVSS9.7AI score0.83259EPSS

Exploit DB•added 2011/08/05 12:0 a.m.•22 views

Mozilla Firefox 3.6.16 - OBJECT mChannel Remote Code Execution (DEP Bypass) (Metasploit)

7.4AI score