CVE-2012-6041

GreenBrowser < 6.0.1001 - Remote Code Execution via Crafted IFrame

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-6041. PoCs published by NCNIPC.

AI-analyzed exploit summary The provided text describes a use-after-free vulnerability in GreenBrowser 6.0.1002 and prior versions, which could lead to remote code execution or denial-of-service. However, no actual exploit code is included in the snippet.

Description

Double free vulnerability in GreenBrowser before 6.0.1002, when the keyword search bar (F6) is activated, allows remote attackers to execute arbitrary code via a crafted iframe.

Exploits (1)

exploitdb WRITEUP VERIFIED
by NCNIPC · textremotewindows
https://www.exploit-db.com/exploits/36546

The provided text describes a use-after-free vulnerability in GreenBrowser 6.0.1002 and prior versions, which could lead to remote code execution or denial-of-service. However, no actual exploit code is included in the snippet.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Complex
Reliability
Theoretical
Target: GreenBrowser <= 6.0.1002
No auth needed
Prerequisites: Vulnerable version of GreenBrowser installed
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72351
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/51393
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-01/0079.html

Scores

EPSS 0.0365
EPSS Percentile 88.3%

Details

CWE
CWE-399
Status published
Products (1)
morequick/greenbrowser < 6.0.1001
Published Nov 26, 2012
Tracked Since Feb 18, 2026