5 matches found
Windows: use-after-free in jscript!NameTbl::GetValDef(CVE-2017-11903)
There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this issue by posing as a WPAD Web Proxy Auto-Discovery host and sending a malicious wpad.dat file to the victim. This works...
Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free
Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free var vars = new Array100; forvar i=0;i !-- ============================================ PoC for WPAD might require page heap to trigger the crash: ============================================ function...
Microsoft Windows - jscript!JsArraySlice Uninitialized Variable
Microsoft Windows - jscript!JsArraySlice Uninitialized Variable var x = new URIErrornew Array, undefined, undefined; String.prototype.localeCompare.callx, new Date0, 0, 0, 0, 0, 0, undefined; Array.prototype.slice.call1; !-- ============================================ Technical details: The issu...
WIndows jscript!JsArraySlice Uninitialized Variable
Windows: Uninitialized variable in jscript!JsArraySlice CVE-2017-11855 There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - By opening a malicious web page in Internet Explorer. - currently untested An attacker on t...
Windows jscript!NameTbl::GetValDef Use-After-Free
Windows: use-after-free in jscript!NameTbl::GetValDef CVE-2017-11903 There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this issue by posing as a WPAD Web Proxy Auto-Discovery...