6 matches found
OSV-2020-1439 Segv on unknown address in LocaleCompare
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21163 Crash type: Segv on unknown address Crash state: LocaleCompare CompareSplayTreeString Splay...
imagemagick:ping_tiff_fuzzer: Segv on unknown address in LocaleCompare
Detailed Report: https://oss-fuzz.com/testcase?key=5671742233378816 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: pingtifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: LocaleCompare CompareSplayTreeString...
Microsoft Edge Chakra JIT localeCompare Type Confusion Exploit
Exploit for windows platform in category dos / poc Microsoft Edge: Chakra: JIT: Type confusion with localeCompare CVE-2018-8355 A call to the String.prototype.localeCompare method can be inlineed when it only takes one argument. There are two versions of String.prototype.localeCompare, one 1 is...
Microsoft Edge Chakra JIT localeCompare Type Confusion
Microsoft Edge: Chakra: JIT: Type confusion with localeCompare CVE-2018-8355 A call to the String.prototype.localeCompare method can be inlineed when it only takes one argument. There are two versions of String.prototype.localeCompare, one 1 is written in JavaScript and the other 2 is written in...
Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion
/ A call to the String.prototype.localeCompare method can be inlineed when it only takes one argument. There are two versions of String.prototype.localeCompare, one 1 is written in JavaScript and the other 2 is written in C++ which just calls the JavaScript version when Intl enabled without...
Microsoft Edge Chakra JIT - localeCompare Type Confusion
Microsoft Edge Chakra JIT - localeCompare Type Confusion / A call to the String.prototype.localeCompare method can be inlineed when it only takes one argument. There are two versions of String.prototype.localeCompare, one 1 is written in JavaScript and the other 2 is written in C++ which just cal...