[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] x90c WOFF Firefox 1day exploit

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] x90c WOFF Firefox 1day exploit
From: x90c <geinblues@xxxxxxxxx>
Date: Sat, 17 Aug 2013 18:52:42 +0900

Hi Forks!

I share my WOFF 1day exploit.

(dep bypass)

* vulnerability:
    CVE-2010-1028 WOFF Heap Corruption due to Integer Overflow

* affacted Products:
    - Mozilla Firefox 3.6 ( Gecko 1.9.2 )
    - Mozilla Firefox 3.6 Beta1, 3, 4, 5 ( Beta2 ko not released )
    - Mozilla Firefox 3.6 RC1, RC2


x90c

Attachment: x90c_WOFF_exploit.tgz
Description: GNU Zip compressed data

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] MS Excel 2002/2003 CRN record 0day PoC
Next by Date: Re: [Full-disclosure] Who's behind limestonenetworks.com AKA DDoS on polipo(8123)
Previous by thread: [Full-disclosure] MS Excel 2002/2003 CRN record 0day PoC
Next by thread: Re: [Full-disclosure] Who's behind limestonenetworks.com AKA DDoS on polipo(8123)
Index(es):
- Date
- Thread