The vulnerability fake Blizzard game updates
While Ormandy offered to use the whitelist, Blizzard came up with a blacklisted solution, which he considered "perfect and maintained" so the way Blizzard applied was too simple.
Ormandy created a PoC page to simulate a DNS Rebinding attack using the Blizzard Update Agent.http://lock.cmpxchg8b.com/yah4od7N.html. There are also other sites to attack on other applications and to find other applications with similar errors. https://lock.cmpxchg8b.com/rebinder.html
Ormandy had earlier found this error in Transmission BitTorrent.
See more: