CVE-2022-26485 PoC — Mozilla Firefox 资源管理错误漏洞

Source

https://github.com/mistymntncop/CVE-2022-26485

Associated Vulnerability

Title:Mozilla Firefox 资源管理错误漏洞 (CVE-2022-26485)
Description:Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 97之前版本存在资源管理错误漏洞，该漏洞源于处理XSLT参数时出现“释放后使用”错误。攻击者可利用该漏洞诱骗受害者打开精心构建的网页，在系统上执行任意代码。

Readme

# CVE-2022-26485
Tested against Firefox 78.0 (Windows)
https://ftp.mozilla.org/pub/firefox/releases/78.0/win64/en-US/Firefox%20Setup%2078.0.exe

File Snapshot


 [4.0K]  /data/pocs/b4e477075a29b83993b379e655f4bf2a97356291
├── [ 21K]  exploit.html
└── [ 145]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!