CVE-2006-0295

Related Files

Firefox location.QueryInterface() Code Execution

Posted Oct 27, 2009

Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a code execution vulnerability in the Mozilla Firefox browser. To reliably exploit this vulnerability, we need to fill almost a gigabyte of memory with our nop sled and payload. This module has been tested on OS X 10.3 with the stock Firefox 1.5.0 package.

tags | exploit, code execution

systems | apple, osx

advisories | CVE-2006-0295

SHA-256 | 68da1f78d3e93ac5d6c2f0d52c01784d5f629a3336fadd2e30ee6f133cbb252e

Download | Favorite | View

firefox_queryinterface_mac.pm.txt

Posted Feb 14, 2006

Authored by H D Moore | Site metasploit.com

Mozilla Firefox versions 1.5 and below remote command execution interface that makes use of location.QueryInterface(). Max OS X version.

tags | exploit, remote

systems | apple, osx

advisories | CVE-2006-0295

SHA-256 | 7c6bea30c17ae1b878021bf81a94043f8b3f1890987d1740121af33489ac7eb2

Download | Favorite | View

firefox_queryinterface.pm.txt

Posted Feb 14, 2006

Authored by H D Moore | Site metasploit.com

Mozilla Firefox versions 1.5 and below remote command execution interface that makes use of location.QueryInterface().

tags | exploit, remote

advisories | CVE-2006-0295

SHA-256 | 27403aaf40c5cf1757082c221602bd936a4ba0e10502192e6ae985fd103555ee

Download | Favorite | View

Technical Cyber Security Alert 2006-38A

Posted Feb 8, 2006

Authored by US-CERT | Site kb.cert.org

Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system. Version of Mozilla Firefox below 1.5.0.1 and versions of SeaMonkey below 1.0 are affected.

tags | advisory, remote, web, arbitrary, vulnerability

advisories | CVE-2006-0296, CVE-2006-0295

SHA-256 | 0b913a4940b9c1df8bc0877a60ff3d579cb186e228c0c21ed540d188f86298b9

Download | Favorite | View