x90c WOFF Firefox 1day exploit

2013-08-20T00:00:00
ID SECURITYVULNS:DOC:29712
Type securityvulns
Reporter Securityvulns
Modified 2013-08-20T00:00:00

Description

Hi Forks!

I share my WOFF 1day exploit.

  • attachment: http://www.x90c.org/exploits/x90c_WOFF_exploit.tgz

(dep bypass)

  • vulnerability: CVE-2010-1028 WOFF Heap Corruption due to Integer Overflow

  • affacted Products:

    • Mozilla Firefox 3.6 ( Gecko 1.9.2 )
    • Mozilla Firefox 3.6 Beta1, 3, 4, 5 ( Beta2 ko not released )
    • Mozilla Firefox 3.6 RC1, RC2