BackgroundWhen used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey.
ProblemIf a web page replaces the navigator object before starting Java, then the page could cause the browser to crash in a way that allows arbitrary command execution.
ResolutionUpgrade to Firefox 18.104.22.168 or higher or SeaMonkey 1.0.3 or higher.
LimitationsExploit works on Firefox 22.214.171.124 and requires a user to click on the Exploit button. The Java plug-in must be installed in order for the exploit to succeed. Firefox's automatic update feature must be disabled in order for the exploit to succeed. Note that it may take several minutes for this exploit to succeed because a large amount of memory must be allocated on the target.
Windows XP SP2
Back to exploit index