CVE-2011-3026 PoC — Google Chrome ‘libpng’整数溢出漏洞

Source

https://github.com/argp/cve-2011-3026-firefox

Associated Vulnerability

Title:Google Chrome ‘libpng’整数溢出漏洞 (CVE-2011-3026)
Description:Google Chrome是Google发布的开源WEB浏览器。 Google Chrome 17.0.963.56之前版本的libpng中存在整数溢出漏洞。远程攻击者可利用该漏洞借助触发整数截断的未明向量，导致拒绝服务或可能产生其它未明影响。

Description

Example of exploiting CVE-2011-3026 on Firefox (Linux/x86)

Readme

cve-2011-3026-firefox
=====================

Example of exploiting CVE-2011-3026 on Firefox (Linux/x86), from our Black
Hat 2012 talk:

"Exploiting the jemalloc Memory Allocator: Owning Firefox's Heap"

Original slide deck available at:

https://www.blackhat.com/html/bh-us-12/bh-us-12-archives.html#Argyroudis

Updated slide deck at:

http://census-labs.com/news/2012/08/03/blackhat-usa-2012-update/

argp & huku, Thu Aug 2 19:01:58 EEST 2012

File Snapshot


 [4.0K]  /data/pocs/76857a21d970495795958eb2f61285aa10c624e9
├── [2.1K]  cve-2011-3026.html
├── [4.0M]  cve-2011-3026.png
├── [1.6K]  LICENSE
└── [ 445]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!