Jump to content


Photo
- - - - -

Win7x64 + Safari + generous verticle IFRAME = vuln


  • Please log in to reply
1 reply to this topic

#1 XlogicX

XlogicX

    SUP3R 31337

  • Validating
  • 160 posts
  • Gender:Male
  • Location:Tempe (Phoenix area)

Posted 22 December 2011 - 05:52 AM

I guess win32k.sys has some problems and a "tall" IFRAME rendered in Safari on a 64-bit Win7 system can corrupt the memory, allowing for possible execution of arbitrary code (exploit) with kernel mode privs.

...meh

Source:
Critical Zero-Day Vulnerability found in 64 bit version of Windows 7

EDIT:
To be more specific, I guess this would cause a blue-screen (with the above mentioned software setup):
<iframe height='18082563'></iframe>

Anybody care to test :)

Edited by XlogicX, 22 December 2011 - 05:56 AM.


#2 Afterm4th

Afterm4th

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 399 posts
  • Country:
  • Gender:Male
  • Location:way up north eh

Posted 22 December 2011 - 12:45 PM

high iframes = broken windows. it works




BinRev is hosted by the great people at Lunarpages!