8 matches found
Microsoft Edge: Chakra: JIT: Loop analysis bug(CVE-2018-0777)
Here's the PoC demonstrating OOB write. function optarr, start, end for let i = start; i end; i++ if i === 10 i += 0; // -- a arri = 2.3023e-320; function main let arr = new Array100; arr.fill1.1; for let i = 0; i 1000; i++ optarr, 0, 3; optarr, 0, 100000; main; What happens here is as follows: I...
Microsoft Edge Chakra JIT Loop Analysis Bug
Microsoft Edge: Chakra: JIT: Loop analysis bug CVE-2018-0777 Here's the PoC demonstrating OOB write. function optarr, start, end for let i = start; i end; i++ if i === 10 i += 0; // -- a arri = 2.3023e-320; function main let arr = new Array100; arr.fill1.1; for let i = 0; i 1000; i++ optarr, 0, 3...
CVE-2018-0777
creationtimestamp| type| source ---|---|--- 2018-01-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43718 2018-01-17 07:18:26+00:00| published-proof-of-concept| https://t.me/antichat/651 2018-01-17 08:44:45+00:00| published-proof-of-concept| https://t.me/br0wsec/20...
Memory corruption
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...
CVE-2018-0777
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...
CVE-2018-0777
CVE-2018-0777 affects Microsoft Edge on Windows 10 (Gold, 1511, 1607, 1703, 1709) and Windows Server 2016, due to how the Scripting Engine handles objects in memory, enabling arbitrary code execution with the current user context. The vulnerability is tied to Scripting Engine Memory Corruption. C...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0777)
A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to an Out-of-Bounds write in the JavaScript engine. A remote attacker can exploit this issue by enticing a victim to open a specially crafted web page that could cause memory corruption in a way th...
KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...