CVE-2010-3971 PoC — Microsoft Internet Explorer CSS内存破坏漏洞

Source

https://github.com/nektra/CVE-2010-3971-hotpatch

Associated Vulnerability

Title:Microsoft Internet Explorer CSS内存破坏漏洞 (CVE-2010-3971)
Description:Microsoft Internet Explorer是美国微软（Microsoft）公司发布的Windows操作系统中默认捆绑的Web浏览器。在Microsoft Internet Explorer 6至8版本和其他产品中使用的mshtml.dll中的层叠样式表（CSS）解析器的CSharedStyleSheet::Notify函数中存在释放后使用漏洞。远程攻击者可借助样式表中的self-referential @import规则执行任意代码或导致拒绝服务（应用程序崩溃）。

Description

Do you own security hotfix with Deviare hooking

Readme

CVE-2010-3971-hotpatch
======================

Do you own security hotfix with Deviare.

Original article: [using Deviare to create a temporary zero day patch](http://blog.nektra.com/main/2013/08/07/using-deviare-to-create-a-temporary-zero-day-patch/)

File Snapshot


 [4.0K]  /data/pocs/9d05b43985267ce7d2cca59ecb5ca8327d8f3556
├── [4.0K]  HotPatch_CVE_2010_3971
│   ├── [3.1K]  Form1.cs
│   ├── [2.1K]  Form1.Designer.cs
│   ├── [5.6K]  Form1.resx
│   ├── [5.2K]  HotPatch_CVE_2010_3971.csproj
│   ├── [1.6K]  HotPatch_CVE_2010_3971.sln
│   ├── [ 482]  Program.cs
│   └── [4.0K]  Properties
│       ├── [1.4K]  AssemblyInfo.cs
│       ├── [2.7K]  Resources.Designer.cs
│       ├── [5.4K]  Resources.resx
│       ├── [1.0K]  Settings.Designer.cs
│       └── [ 242]  Settings.settings
└── [ 252]  README.md

2 directories, 12 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!