Name | wp_mozilla_firefox_attributechildremoved |
CVE | CVE-2011-3659 |
Exploit Pack | White_Phosphorus |
Description | Mozilla Firefox 8.0 -> 9.0.1 AttributeChildRemoved Use-After-Free Remote Code Execution |
Notes | References: http://www.zerodayinitiative.com/advisories/ZDI-12-110/ CVE Name: CVE-2011-3659 VENDOR: Mozilla Notes: This is a browser based client-side exploit - use it via httpserver. Vulnerability limits shellcode options to IE Inject Connect Back. Do not tick HTTP Mosdef or SSL in HTTP Server. Module tested against: - Firefox 8.0 - Firefox 8.0.1 - Firefox 9.0 - Firefox 9.0.1 Repeatability: One Shot Date public: 2012-06-28 CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3659 CVSS: 7.5 |
Learn more about the CANVAS Exploit Pack here: White_Phosphorus |