Immunity, Inc.
Name wp_mozilla_firefox_attributechildremoved
CVE CVE-2011-3659
Exploit Pack White_Phosphorus
DescriptionMozilla Firefox 8.0 -> 9.0.1 AttributeChildRemoved Use-After-Free Remote Code Execution
NotesReferences: http://www.zerodayinitiative.com/advisories/ZDI-12-110/
CVE Name: CVE-2011-3659
VENDOR: Mozilla
Notes:
This is a browser based client-side exploit - use it via httpserver.
Vulnerability limits shellcode options to IE Inject Connect Back. Do not tick HTTP Mosdef or SSL in HTTP Server.

Module tested against:
- Firefox 8.0
- Firefox 8.0.1
- Firefox 9.0
- Firefox 9.0.1

Repeatability: One Shot
Date public: 2012-06-28
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3659
CVSS: 7.5

Learn more about the CANVAS Exploit Pack here: White_Phosphorus