Simon Berry-Byrne

7 exploits Active since Jul 2009
CVE-2009-2477 EXPLOITDB python WORKING POC
Mozilla Firefox <3.5.1 - RCE
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
CVE-2009-2477 METASPLOIT ruby WORKING POC
Mozilla Firefox <3.5.1 - RCE
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
CVE-2009-2478 EXPLOITDB python WORKING POC
Mozilla Firefox <3.5 - DoS
Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."
CVE-2009-2479 EXPLOITDB html WORKING POC
Mozilla Firefox <3.5.2 - DoS
Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox.
EIP-2026-103994 EXPLOITDB ruby WORKING POC
Mozilla Firefox 3.5 - escape Memory Corruption (Metasploit)
CVE-2009-2477 EXPLOITDB ruby WORKING POC
Mozilla Firefox <3.5.1 - RCE
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
CVE-2011-1071 EXPLOITDB c WORKING POC
GNU Eglibc < 2.12.1 - Resource Management Error
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.