5 matches found
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free Exploit
Exploit for multiple platform in category dos / poc htmlvar00002, htmlvar00006 column-span: all; :root 1px; position: fixed; -webkit-column-width: 1px; .class2 text-indent: -webkit-shape-margin: 0px; -webkit-writing-mode: vertical-rl; '.' defselement, .class8 display: grid; 1s; function jsfuzzer ...
WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free
htmlvar00002, htmlvar00006 column-span: all; :root 1px; position: fixed; -webkit-column-width: 1px; .class2 text-indent: -webkit-shape-margin: 0px; -webkit-writing-mode: vertical-rl; '.' defselement, .class8 display: grid; 1s; function jsfuzzer / newvarhtmlvar00078:HTMLHRElement / htmlvar00078 =...
WebKit WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free
WebKit: Use-after-free in WebCore::RenderMultiColumnSet::updateMinimumColumnHeight CVE-2018-4323 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of WebKit revision 233419 on OSX. The vulnerability has also been confirmed on Safari 11.1...
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free htmlvar00002, htmlvar00006 column-span: all; :root 1px; position: fixed; -webkit-column-width: 1px; .class2 text-indent: -webkit-shape-margin: 0px; -webkit-writing-mode: vertical-rl; '.' defselement, .class8 display:...
WebKit - WebCore::RenderObject::previousSibling Use-After-Free
WebKit - WebCore::RenderObject::previousSibling Use-After-Free .class9 column-span: all; function f document.execCommand"indent", false; var var00031 = window.getSelection.setBaseAndExtentsum,16,null,6; f; !-- ================================================================= ASan log:...