Immunity, Inc.
Name: java_docbase
CVE: CVE-2010-3552
Exploit Pack: CANVAS
Description: Java IE Plugin "docparam" Overflow
Notes:
CVE Name: CVE-2010-3552
Vendor: Oracle
Notes:
This exploit can only be used from clientd.

Tested on:
Windows XP Professional SP3 EN under IE 8 updated.
Windows XP Home SP3 EN with IE7
Windows 7 Ultimate with IE 8.
Windows Vista with IE 7

This exploit works only under clientd. It does not work with HTTP MOSDEF, because the
space available for shellcode in this overflow is limited.

This exploit defeats DEP. It does not use a heap spray; instead it relies on anti-DEP
techniques that are documented in the exploit source itself.

Other possible anti-DEP techniques (non-ASLR modules that can be loaded into the IE process) include:
Shockwave DLL
.Net 2.0 DLL

This exploit does not currently perform process recovery: the IE process is not restored to a stable state after exploitation.

Versions Affected: Oracle Java 6 up to and including Update 21
Repeatability: Infinite
References: http://code.google.com/p/skylined/issues/detail?id=23
Date public: 10/12/2010
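Added example, not part of the CANVAS listing or of Immunity's exploit code: a small Python scanner that flags applet/object/embed markup whose docbase value (or docparam, the spelling used in the description above) is far longer than any legitimate URL, which is the triggering condition for an overflow in that parameter. The 256-byte threshold, the attribute names checked and the sample HTML are assumptions constructed for this example, not taken from the exploit.

```python
from html.parser import HTMLParser

# Parameter names to inspect. "docbase" matches the exploit name above;
# "docparam" is included because the listing's description uses that spelling.
SUSPECT_NAMES = ("docbase", "docparam")

# Values longer than this are flagged. Assumed for the example: a genuine
# docbase is a URL, so a few hundred bytes is already far outside normal use.
DEFAULT_THRESHOLD = 256

PLUGIN_TAGS = ("applet", "object", "embed")


class DocbaseScanner(HTMLParser):
    """Collects overlong docbase/docparam values from plugin markup."""

    def __init__(self, threshold=DEFAULT_THRESHOLD):
        super().__init__()
        self.threshold = threshold
        self.hits = []
        self._depth = 0  # nesting depth inside <applet>/<object>

    def _check(self, where, value):
        # Record the value's location and length if it exceeds the threshold.
        if value is not None and len(value) > self.threshold:
            self.hits.append({"where": where,
                              "length": len(value),
                              "line": self.getpos()[0]})

    def handle_starttag(self, tag, attrs):
        attrs = {k.lower(): (v or "") for k, v in attrs}
        if tag in PLUGIN_TAGS:
            if tag != "embed":            # <embed> is a void element, never closed
                self._depth += 1
            # The value may be passed as a direct attribute of the tag.
            for name in SUSPECT_NAMES:
                self._check("<%s %s=...>" % (tag, name), attrs.get(name))
        elif tag == "param" and self._depth:
            # Or as a <param> child of <applet>/<object>.
            name = attrs.get("name", "").lower()
            if name in SUSPECT_NAMES:
                self._check('<param name="%s">' % name, attrs.get("value"))

    def handle_endtag(self, tag):
        if tag in ("applet", "object") and self._depth:
            self._depth -= 1


def find_overlong_docbase(html, threshold=DEFAULT_THRESHOLD):
    """Return a list of hits; each records where the value sat and how long it was."""
    scanner = DocbaseScanner(threshold)
    scanner.feed(html)
    scanner.close()
    return scanner.hits


# Constructed sample page (not a captured exploit): one ordinary applet and one
# whose docbase value is 1024 bytes of filler.
SAMPLE_HTML = """<html><body>
<applet code="Hello.class" width="1" height="1">
  <param name="docbase" value="http://intranet.example/apps/">
</applet>
<applet code="Evil.class" width="1" height="1">
  <param name="docbase" value="%s">
</applet>
</body></html>""" % ("A" * 1024)


if __name__ == "__main__":
    for hit in find_overlong_docbase(SAMPLE_HTML):
        print("line %d: %s carries a %d-byte value"
              % (hit["line"], hit["where"], hit["length"]))
```

The scanner only sees static markup. A page that builds the applet or object element from JavaScript at run time, as client-side exploit kits commonly do, would need the DOM inspected after script execution (or the request inspected at the proxy) rather than the raw HTML.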
