Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote malicious users to execute arbitrary code via a script tag with a long defer attribute.
<?php
/**//*
Amaya 111 W3C's editor/browser
Stack Owerflow POC
Discover by Alfons Luja
Thx : OiN
select * from friends --
This stUff overwrite SEH in my box XP home sp 2
To correctly overwrite seh you must upload "remote_lovehtml" to remote server
Amaya allow only printable shellcode in this case ...
# exploitpy
#
# Amaya 111 W3C Editor/Browser (defer) Stack Overflow Exploit
# By: Encrypt3dM!nd
#
# Origninal Advisory:
# wwwmilw0rmcom/exploits/8314
#
# Fully Based on Rob Carter's Exploit
# wwwmilw0rmcom/exploits/7988
#
# Note:you need to upload Devil_insidehtml to a remote host
# Works with windows xp sp2
#
# metasploit - ...