prot3ct0r Discover Multiple Browser Remote Code Execution Vulns
Iranian pentester prot3ct0r -Ehsan Noreddini- have discover browser remote code execution vulnerability:
- The World Browser
- Avant Browser IE Engine
- Microsoft Compiled HTML Help
Remote Code Execution -RCE- is attacker ability to execute commands on target machines or processes
Is used in arbitrary code execution vulnerability for attacker to execute arbitrary code Programs that is designed to
exploit such vulnerability is called code execution exploit
These vulnerabilities allow executions of machine code to exploits injected shellcode is give attackers
way for running arbitrary commands
Ability to execute code across Internet is called remote code execution
The World Browser Remote Code Execution Vulnerability
The World Browser is free tiny fast powerful web browser Have no function limitation
Is affect version 3.0
Is affect version 3.0
Avant Browser IE Engine Remote Code Execution Vulnerability
Avant Browser is an very fast web browser Is user friendly interface and have efficiency to your browsing experience and frequent upgrades have steadily improved its reliability Is affect build 28 9.30.2015
Microsoft Compiled HTML Help Remote Code Execution
Microsoft Compiled HTML Help is Microsoft proprietary online help format consist of collection of HTML pages index and other navigation tools Files is compressed and in binary format with extension .CHM -Compiled HTML- Format is used for software documentation
Detail: https://packetstormsecurity.com/files/134064/Microsoft-Compiled-HTML-Help-Remote-Code-Execution.htm
CVE reference for all above browser RCE vulns is: CVE2014-6332
See vulns discover by prot3ct0r here: