CVE-2011-2371

This exploit targets a vulnerability in Mozilla Firefox 3.6.16/17 where an integer overflow in the Array.reduceRight() method allows arbitrary code execution. It uses a heap spray technique and ROP chain to achieve remote code execution.

This exploit leverages an integer overflow in Mozilla Firefox's Array.reduceRight() method (CVE-2011-2371) to achieve remote code execution. It uses heap spraying and a ROP chain to bypass DEP/ASLR, targeting Firefox 3.6.16/3.6.17 on Windows 7.

This is a working proof-of-concept exploit for CVE-2011-2371, targeting a use-after-free vulnerability in Firefox 4.0.1. It leverages heap spraying and ROP chains to achieve arbitrary code execution, specifically using a message box shellcode.

This Metasploit module exploits CVE-2011-2371, an integer overflow in Mozilla Firefox 3.6's Array.reduceRight() method, leading to arbitrary code execution. It uses heap spraying and ROP chains to bypass ASLR and DEP, targeting specific Firefox versions on Windows.