Microsoft Windows jscript!JsArrayFunctionHeapSort Out-Of-Bounds Write

Windows: out-of-bounds write in jscript!JsArrayFunctionHeapSort CVE-2018-8631 There is an out-of-bounds write vulnerability in jscript.dll in JsArrayFunctionHeapSort function. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network. PoC:...

Microsoft Windows - 'jscript!JsArrayFunctionHeapSort' Out-of-Bounds Write

function f0 function f1 f2.prototype = arguments; new f2; function f2 Array.prototype.sort.callthis, f0; f11, 2, 3; !-- ========================================================= Details: JsArrayFunctionHeapSort is called when sorting an array with a provided comparison function. One of its...

Microsoft Windows - jscript!JsArrayFunctionHeapSort Out-of-Bounds Write

Microsoft Windows - jscript!JsArrayFunctionHeapSort Out-of-Bounds Write function f0 function f1 f2.prototype = arguments; new f2; function f2 Array.prototype.sort.callthis, f0; f11, 2, 3; !-- ========================================================= Details: JsArrayFunctionHeapSort is called when...

CVE-2003-0010

The CVE-2003-0010 issue is a heap-based overflow in the Windows Script Engine (JsArrayFunctionHeapSort in JScript.dll) that can allow remote code execution via a malicious web page or HTML e-mail. Affected component is Windows Script Engine/JScript.dll; exploit arises from handling large array in...