CVE-2011-0073

This Metasploit module exploits a dangling pointer vulnerability in Mozilla Firefox (CVE-2011-0073) by manipulating the nsTreeRange object to achieve remote code execution. It bypasses DEP without ROP but relies on Java or is limited by ASLR on non-XP systems.

This exploit targets a use-after-free vulnerability in Mozilla Firefox <= 3.6.16 via the nsTreeSelection element. It leverages a Java ROP chain to bypass DEP/ASLR on Windows 7, achieving remote code execution.

This Metasploit module exploits a dangling pointer vulnerability in Mozilla Firefox's nsTreeRange object, allowing remote code execution by manipulating heap memory and bypassing DEP without ROP. It targets Firefox 3.5.x to 3.6.16 on Windows, leveraging Java or ASLR bypass techniques.