VULHUB ™

Netscape Communicator 4.5 has an unchecked buffer, through which code can be injected for execution via the prefs.js preferences file. This could be exploited locally to run arbitrary code at the privilege level of the current user. The buffer is overrun if a value over 80 bytes is specified in the 'network.proxy.http' field in prefs.js . The following 4 bytes are written to EBP and the 4 after that go into EIP. The next byte is pointed at by the ESP and is the beginning of the code that will be run.

Netscape Communicator 4.5 has an unchecked buffer, through which code can be injected for execution via the prefs.js preferences file. This could be exploited locally to run arbitrary code at the privilege level of the current user. The buffer is overrun if a value over 80 bytes is specified in the 'network.proxy.http' field in prefs.js . The following 4 bytes are written to EBP and the 4 after that go into EIP. The next byte is pointed at by the ESP and is the beginning of the code that will be run.