CVE-2016-9079

This Metasploit module exploits CVE-2016-9079, a use-after-free vulnerability in Firefox's nsSMILTimeContainer::NotifyTimeChange() function. It achieves remote code execution on Windows by manipulating SVG elements and heap spraying.

This exploit leverages CVE-2017-5375 to bypass ASLR and DEP in Firefox 50.0.1 using an asm.js JIT spray technique, ultimately executing a shellcode payload that spawns cmd.exe.

This repository contains a functional exploit for CVE-2016-9079, targeting a memory corruption vulnerability in the V8 JavaScript engine. The exploit uses a combination of heap spraying and vtable manipulation to achieve arbitrary code execution, demonstrated by launching 'xcalc'.

This repository contains a functional exploit for CVE-2016-9079, targeting a remote code execution vulnerability in Firefox via the nsSMILTimeContainer component. The exploit uses memory manipulation and ROP chains to achieve arbitrary code execution on Windows 8.1 x64 with Firefox 38.

This is a functional exploit PoC for CVE-2016-9079, targeting a memory corruption vulnerability in Firefox. The code includes memory manipulation, ROP chain construction, and shellcode execution, indicative of a remote code execution (RCE) exploit.

This Metasploit module exploits a use-after-free vulnerability in Firefox's nsSMILTimeContainer::NotifyTimeChange() function, targeting versions 38 to 41 on Windows. It leverages heap spraying and SVG animation manipulation to achieve remote code execution.