EUVD-2017-14230

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-5121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary...

Google Chrome < 61.0.3163.100 Multiple Vulnerabilities

Binary data 700344.pasl...

Microsoft Edge Chakra JIT Escape Analysis Bug

Microsoft Edge: Chakra: JIT: Escape analysis bug 2 CVE-2018-0860 Let's consider the following example code. function opt let arr = ; return arr'x'; // Optimize the "opt" function. for let i = 0; i inline Js::Var ExecuteImplicitCallJs::RecyclableObject function, Js::ImplicitCallFlags flags, Fn...

Microsoft Edge Chakra JIT Escape Analysis Bug

Microsoft Edge: Chakra: JIT: Escape analysis bug CVE-2017-11918 Escape analysis: https://en.wikipedia.org/wiki/Escapeanalysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: function opt let tmp = ; tmp0 =...

Microsoft Edge Chakra JIT - Escape Analysis Bug

/ Escape analysis: https://en.wikipedia.org/wiki/Escapeanalysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: / function opt let tmp = ; tmp0 = tmp; return tmp0; function main for let i = 0; i 0x1000; i+...

Microsoft Edge Chakra JIT - Escape Analysis Bug

Microsoft Edge Chakra JIT - Escape Analysis Bug / Escape analysis: https://en.wikipedia.org/wiki/Escapeanalysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: / function opt let tmp = ; tmp0 = tmp; return...

Microsoft Edge Chakra JIT - Escape Analysis Bug Exploit

Exploit for windows platform in category dos / poc / Escape analysis: https://en.wikipedia.org/wiki/Escapeanalysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: / function opt let tmp = ; tmp0 = tmp;...

CVE-2017-5121

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase...

CVE-2017-5121

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase...

CVE-2017-5121

Removed by vendor...

chromium-browser: out-of-bounds access in v8

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2015:0190-1) (POODLE)

OpenJDK was updated to 2.5.4 - OpenJDK 7u75 to fix security issues and bugs : - Security fixes - S8046656: Update protocol support - S8047125, CVE-2015-0395: ref More phantom object references - S8047130: Fewer escapes from escape analysis - S8048035, CVE-2015-0400: Ensure proper proxy protocols ...

Security update for java-1_7_0-openjdk (important)

OpenJDK was updated to 2.5.4 - OpenJDK 7u75 to fix security issues and bugs: Security fixes - S8046656: Update protocol support - S8047125, CVE-2015-0395: ref More phantom object references - S8047130: Fewer escapes from escape analysis - S8048035, CVE-2015-0400: Ensure proper proxy protocols -...