GreenBrowser Search Bar Short Cut Button Double Free Remote Memory Corruption Vulnerability

Bugtraq ID:	51393
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2012-6041
Remote:	Yes
Local:	No
Published:	Jan 12 2012 12:00AM
Updated:	Nov 30 2012 06:30AM
Credit:	NCNIPC
Vulnerable:	GreenBrowser GreenBrowser 6.0.1002 GreenBrowser GreenBrowser 0
Not Vulnerable:

GreenBrowser Search Bar Short Cut Button Double Free Remote Memory Corruption Vulnerability

GreenBrowser is prone to a remote use-after-free memory-corruption vulnerability.

Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions.

GreenBrowser 6.0.1002 and prior versions are vulnerable.

GreenBrowser Search Bar Short Cut Button Double Free Remote Memory Corruption Vulnerability

The following exploit is available:

• /data/vulnerabilities/exploits/51393.rar

GreenBrowser Search Bar Short Cut Button Double Free Remote Memory Corruption Vulnerability

Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

GreenBrowser Search Bar Short Cut Button Double Free Remote Memory Corruption Vulnerability

References:

• GreenBrowser Homepage (GreenBrowser)
  
• GreenBrowser iframe content Double Free Vulnerability ([email protected])