2 matches found
Microsoft Edge Chakra JIT - Out-of-Bounds ReadsWrites
Microsoft Edge Chakra JIT - Out-of-Bounds ReadsWrites / It seems that this issue is similar to the issue 1429 MSRC 42111. It might need to refresh the page several times to observe a crash. PoC: / let arr = new Uint32Array1000; for let i = 0; i 0x1000000; i++ for let j = 0; j 1; j++ i--; i++; arr...
Microsoft Windows Kernel - win32k.sys .TTF Font Processing Out-of-Bounds ReadsWrites with Malformed fpgm table win32k!bGeneratePath (Denial of Service)
Microsoft Windows Kernel - win32k.sys .TTF Font Processing Out-of-Bounds ReadsWrites with Malformed fpgm table win32k!bGeneratePath Denial of Service Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1273 We have encountered a number of Windows kernel crashes in the win32k.sys...