11 matches found
Xfig fig2dev Input Validation Error Vulnerability
Xfig fig2dev is a tool for printing and exporting .fig format files. An input validation error vulnerability exists in the 'makearrow' function of the arrow.c file in Xfig fig2dev version 3.2.7b. The vulnerability stems from a networked system or product that does not properly validate input data...
CVE-2019-14275
Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calcarrow function in bound.c...
Google Chrome V8 Arrow Function Scope Fixing Bug
Chrome: V8: Arrow function scope fixing bug When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first assigns t...
Chrome V8 JIT - Arrow Function Scope Fixing Bug
/ When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first assigns the destructuring assignments to the outer...
Chrome V8 JIT - Arrow Function Scope Fixing Bug
Chrome V8 JIT - Arrow Function Scope Fixing Bug / When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first...
Chrome V8 JIT - Arrow Function Scope Fixing Bug Exploit
Exploit for multiple platform in category dos / poc / When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first...
WebKit JSC emitPutDerivedConstructorToArrowFunctionContextScope Incorrect Check(CVE-2017-2531)
WebKit: JSC: incorrect check in emitPutDerivedConstructorToArrowFunctionContextScope When a super expression is used in an arrow function, the following code, which generates bytecode, is called. if needsToUpdateArrowFunctionContext && !codeBlock-isArrowFunction bool canReuseLexicalEnvironment =...
WebKit JSC - Incorrect Check in emitPutDerivedConstructorToArrowFunctionContextScope
WebKit JSC - Incorrect Check in emitPutDerivedConstructorToArrowFunctionContextScope / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1173 When a super expression is used in an arrow function, the following code, which generates bytecode, is called. if...
WebKit JSC emitPutDerivedConstructorToArrowFunctionContextScope Incorrect Check Vulnerability
Exploit for multiple platform in category dos / poc WebKit: JSC: incorrect check in emitPutDerivedConstructorToArrowFunctionContextScope CVE-2017-2531 When a super expression is used in an arrow function, the following code, which generates bytecode, is called. if needsToUpdateArrowFunctionContex...
WebKit JSC emitPutDerivedConstructorToArrowFunctionContextScope Incorrect Check
WebKit: JSC: incorrect check in emitPutDerivedConstructorToArrowFunctionContextScope CVE-2017-2531 When a super expression is used in an arrow function, the following code, which generates bytecode, is called. if needsToUpdateArrowFunctionContext && !codeBlock-isArrowFunction bool...
WebKit JSC - Incorrect Check in emitPutDerivedConstructorToArrowFunctionContextScope
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1173 When a super expression is used in an arrow function, the following code, which generates bytecode, is called. if needsToUpdateArrowFunctionContext && !codeBlock-isArrowFunction bool canReuseLexicalEnvironment =...