what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Marius Mlynski

Firefox PDF.js Privileged Javascript Injection

Posted Aug 23, 2015

Authored by temp66, joev, Marius Mlynski | Site metasploit.com

This Metasploit module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click anywhere on the page to trigger the vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2015-0816

SHA-256 | c7380b4bd424349eceddb0191b851de4ff91a0a5afb8b3430ceffce5b834c992

Download | Favorite | View

Firefox WebIDL Privileged Javascript Injection

Posted Aug 27, 2014

Authored by joev, Marius Mlynski | Site metasploit.com

This exploit gains remote code execution on Firefox 22-27 by abusing two separate privilege escalation vulnerabilities in Firefox's Javascript APIs.

tags | exploit, remote, javascript, vulnerability, code execution

advisories | CVE-2014-1510, CVE-2014-1511

SHA-256 | d5cc945e074cb09855a57374de57a97262b3ec3bd1140179dace08bfcb49db35

Download | Favorite | View