6 matches found
Microsoft Edge: Chakra: AsmJSByteCodeGenerator::EmitCall call handling bug(CVE-2018-0780)
AsmJSByteCodeGenerator::EmitCall which is used to emit call insturctions doesn't check if an array identifier is used as callee. The method handles those invalid calls in the same way it handles valid calls such as "arridx & ...". In these cases, the index register remains NoRegister which is...
Microsoft Edge Chakra AsmJSByteCodeGenerator::EmitCall Call Handling
Microsoft Edge: Chakra: AsmJSByteCodeGenerator::EmitCall call handling bug CVE-2018-0780 AsmJSByteCodeGenerator::EmitCall which is used to emit call insturctions doesn't check if an array identifier is used as callee. The method handles those invalid calls in the same way it handles valid calls...
CVE-2018-0780
creationtimestamp| type| source ---|---|--- 2018-01-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43720 2018-01-17 08:44:45+00:00| published-proof-of-concept| https://t.me/br0wsec/20...
CVE-2018-0780
CVE-2018-0780 concerns Microsoft Edge Scripting Engine Information Disclosure in Windows 10 (various builds) where Edge’s JavaScript engine mishandles in-memory objects, enabling an attacker to obtain information and potentially progress to further compromise. The CVE is linked to Edge scripting ...
KB4056892: Windows 10 Version 1709 and Windows Server Version 1709 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056892 or 4073291. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...
KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...