Mozilla Firefox 3.6 - XML Parser Memory Corruption (PoC) / Denial of Service

EDB-ID:

11245

CVE:

N/A


Author:

d3b4g

Type:

dos


Platform:

Windows

Date:

2010-01-24


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

# Firefox 3.6(XML parser)memory corruption PoC/Dos
# by d3b4g 
# From tiny islands of maldivies
# Tested: version 3.6
# Tested on windows XP SP3
# 20-01-2010


This same bug was in early version of firfox,found by (Wojciech Pawlikowski) This is just a update.

This vulnerability  cause a denial of service (memory corruption) via an XML document composed of a long series of start-tags with no corresponding end-tags.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/11245.rar (Firefox-v3.6_PoC.rar)