8 matches found
Apple WebKit Frame::setDocument UXSS
Apple WebKit: UXSS via Frame::setDocument 1. CVE-2017-2364 void Frame::setDocumentRefPtr&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... The function...
Apple WebKit 10.0.2(12602.3.12.0.1) - Frame::setDocument (1) Universal Cross-Site Scripting Exploit
Exploit for multiple platform in category dos / poc && newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... The function |prepareForDestruction| only called when the cache...
Apple WebKit: UXSS via Frame::setDocument (1)(CVE-2017-2364)
void Frame::setDocumentRefPtr&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... The function |prepareForDestruction| only called when the cache state is not...
Apple WebKit 10.0.2(12602.3.12.0.1) - 'Frame::setDocument (1)' Universal Cross-Site Scripting
&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... The function |prepareForDestruction| only called when the cache state is not |Document::InPageCache|. So the frame wi...
Apple WebKit Frame::setDocument UXSS Exploit
Apple WebKit suffers from a UXSS via Frame::setDocument. Apple WebKit: UXSS via Frame::setDocument CVE-2017-2365 Here's a snippet of Frame::setDocument. void Frame::setDocumentRefPtr&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState !=...
Apple WebKit 10.0.2 - Frame::setDocument Universal Cross-Site Scripting
Apple WebKit 10.0.2 - Frame::setDocument Universal Cross-Site Scripting && newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... Before setting |mdoc| to |newDocument|, it...
Apple WebKit 10.0.2 - 'Frame::setDocument' Universal Cross-Site Scripting
&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... Before setting |mdoc| to |newDocument|, it calls |prepareForDestruction| that fires unload event handlers. If we call...
Apple WebKit: UXSS via Frame::setDocument (CVE-2017-2365)
Here's a snippet of Frame::setDocument. void Frame::setDocumentRefPtr&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... Before setting |mdoc| to |newDocument|, it calls...