360Safe and 360Chrome browser buffer overflow vulnerability (360Safe & 360Chrome browsers buffer overflow exploit).

    Reposted from: http://forum.sysinternals.com/360safe360chrome-browsers-buffer-overflow-exploit_topic27169.html

Topic: 360Safe&360Chrome browsers buffer overflow exploit
Posted: 05 December 2011 at 1:13pm

Let's focus on browsers' security.
Both 360Safe and 360Chrome browsers have the recently disclosed Java Rhino script engine buffer overflow vulnerability.
Attackers could exploit this vulnerability to execute arbitrary code outside of the sandbox.

PoC demo:

360Safe browser is not quite safe:
http://www.youtube.com/watch?v=9NRlfDe3SYQ

360Chrome also exploited:
http://www.youtube.com/watch?v=_eT-AfcpBJg

Edited by reacherj - 05 December 2011 at 1:16pm
