3 matches found
Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free
Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free Date: 2021-05-04 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Versions: IE 8-11 64-bit...
Microsoft Edge Chakra CFG Bypass Due To Bug In ServerFreeAllocation Vulnerability
Charka suffers from a CFG bypass due to a bug in ServerFreeAllocation. Chakra: CFG bypass due to a bug in ServerFreeAllocation CVE-2017-11874 Chakra JIT server exposes a ServerFreeAllocation method that can be used to free an existing JIT allocation for example when the corresponding function get...
Microsoft Edge Chakra CFG Bypass With leafInterpreterFrame Vulnerability
Chakra suffers from a CFG bypass with leafInterpreterFrame. Every JavaScript variable in Chakra except a tagged int is a pointer. From this pointer, using an arbitrary read, it is possible to follow a chain of pointers and end up with a pointer to the native stack. This allows disclosing the stac...