Exploit the possiblities
Showing 1 - 25 of 52 RSS Feed

Files from Ivan Fratric

Email addressprivate
First Active2007-03-08
Last Active2017-11-22
View User Profile
WebKit WebCore::DocumentLoader::frameLoader Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a use-after-free vulnerability in WebCore::DocumentLoader::frameLoader.

tags | exploit
advisories | CVE-2017-13794
MD5 | c07fda98eca843e82ef5236fd67fb80b
WebKit WebCore::Style::TreeResolver::styleForElement Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a use-after-free vulnerability in WebCore::Style::TreeResolver::styleForElement.

tags | exploit
advisories | CVE-2017-13802
MD5 | 63b43c75cbc1b4ad33a88819f4eeddde
WebKit WebCore::SVGPatternElement::collectPatternAttributes Out-Of-Bounds Read
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from an out-of-bounds read in WebCore::SVGPatternElement::collectPatternAttributes.

tags | exploit
advisories | CVE-2017-13783
MD5 | 95cd5b7f1af7b8093b7bf246a111a82c
Webkit WebCore::SimpleLineLayout::RunResolver::runForPoint Out-Of-Bounds Read
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from an out-of-bounds read in WebCore::SimpleLineLayout::RunResolver::runForPoint.

tags | exploit
advisories | CVE-2017-13784
MD5 | ae668f6385f367907250b9be6fb654fb
WebKit WebCore::RenderText::localCaretRect Out-Of-Bounds Read
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from an out-of-bounds read in WebCore::RenderText::localCaretRect.

tags | exploit
advisories | CVE-2017-13785
MD5 | 769ad8e20766a4d8c4e777f522f6d619
WebKit WebCore::AXObjectCache::performDeferredCacheUpdate Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::AXObjectCache::performDeferredCacheUpdate in WebKit.

tags | advisory
advisories | CVE-2017-13795
MD5 | 7e9512df39aea162da9fecb3f2729c14
WebKit WebCore::PositionIterator::decrement Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::PositionIterator::decrement in WebKit.

tags | exploit
advisories | CVE-2017-13797
MD5 | 335dfe4b7f9b56e61b37482bb3fcba7e
WebKit WebCore::InputType::element Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::InputType::element in WebKit.

tags | exploit
advisories | CVE-2017-13792
MD5 | 3bcffec40782a4f0165f5f102cebd11c
WebKit WebCore::TreeScope::documentScope Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::TreeScope::documentScope in WebKit.

tags | exploit
advisories | CVE-2017-13796
MD5 | abfdfeaf75943ae3005d505a907f9d4a
Microsoft Internet Explorer 11 jscript!JsErrorToString Use-After-Free
Posted Nov 10, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Internet Explorer 11 suffers from a use-after-free vulnerability in jscript!JsErrorToString.

tags | exploit
advisories | CVE-2017-11810
MD5 | e509659ea4762273ceb30f9caec7db44
Microsoft Edge Partial Page Loading Memory Corruption
Posted Sep 19, 2017
Authored by Ivan Fratric, Google Security Research

There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the server has finished sending the document. It is also possible that some JavaScript code is going to trigger. By making DOM modifications before the document had a chance of fully loading, followed by another set of DOM modifications after the page has been loaded, it is possible to trigger memory corruption that could possibly lead to an exploitable condition.

tags | exploit, web, javascript
advisories | CVE-2017-8731
MD5 | 38a51b456f8f99a75032e480ca87fb20
Microsoft Edge COptionsCollectionCacheItem::GetAt Out-Of-Bounds Read
Posted Sep 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML 14.14393) as well as Microsoft Edge 40.15063.0.0 (Microsoft EdgeHTML 15.15063).

tags | exploit, remote, code execution
advisories | CVE-2017-8734
MD5 | f8f0367a62a7c9dadd43f0e6c52c13e5
Microsoft Edge DuplicateHandle ACG Bypass
Posted Sep 15, 2017
Authored by Ivan Fratric, Google Security Research

ACG (Arbitrary Code Guard) in Microsoft Edge is bypassable. The bypass has been tested on Microsoft Edge 40.15063.0.0 running on Windows 10 Enterprise 64-bit with Creators Update (Version 1703, OS build 15063.413).

tags | exploit, arbitrary
systems | windows
MD5 | e55e370f65b1a357d3ec51c50261ae1c
Microsoft Chakra JIT Server Out-Of-Bounds Write
Posted Aug 16, 2017
Authored by Ivan Fratric, Google Security Research

The Microsoft Chakra JIT server suffers from an out-of-bounds write when processing a Js::OpCode::ProfiledLoopStart opcode.

tags | advisory
advisories | CVE-2017-8659
MD5 | c8362b5a1c7c3dbeb8acb12f5b8d33af
Microsoft Chakra JIT Server IRBuilder::Build Integer Overflow
Posted Aug 16, 2017
Authored by Ivan Fratric, Google Security Research

The Microsoft Chakra JIT server suffers from an integer overflow in IRBuilder::Build.

tags | advisory, overflow
advisories | CVE-2017-8637
MD5 | a4a8941cfa0b53cfa91df56147d65240
Microsoft Edge CInputDateTimeScrollerElement::_SelectValueInternal Out-Of-Bounds Read
Posted Aug 16, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Edge suffers from an out-of-bounds read in CInputDateTimeScrollerElement::_SelectValueInternal. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198) and Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.

tags | exploit
systems | windows
advisories | CVE-2017-8644
MD5 | ae106588351f60c9e1078c6cf7ad219e
Microsoft Edge textarea.defaultValue Memory Disclosure
Posted Aug 10, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.

tags | exploit
systems | windows
advisories | CVE-2017-8652
MD5 | 94db0de217892edc8b973671be6ef85b
WebKit WebCore::RenderSearchField::addSearchResult Heap Buffer Overflow
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::RenderSearchField::addSearchResult heap buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-7049
MD5 | 04b54b4fde19de5e3ff97538dc8015b4
WebKit WebCore::AccessibilityNodeObject::textUnderElement Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::AccessibilityNodeObject::textUnderElement use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7048
MD5 | 84e9da66fe8fee86e5c1ebabf24d65cc
WebKit WebCore::RenderObject Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a use-after-free vulnerability in WebCore::RenderObject with accessibility enabled.

tags | exploit
advisories | CVE-2017-7046
MD5 | a4dea82325ce2ff7147bae6f3044af5b
WebKit WebCore::AccessibilityRenderObject::handleAriaExpandedChanged Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::AccessibilityRenderObject::handleAriaExpandedChanged use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7043
MD5 | d5accb37ff0433ed20451be2bf8d0d2a
WebKit WebCore::InputType::element Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::InputType::element use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7042
MD5 | 84bb52539cff54ae0d806d9a294724dc
WebKit WebCore::Node::getFlag Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::Node::getFlag use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7041
MD5 | f406ef3e1b6958dc221da9cb7f623349
WebKit WebCore::getCachedWrapper Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::getCachedWrapper use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7040
MD5 | 3a6a7d8569e29c1fb12610c995fbb00f
WebKit WebCore::Node::nextSibling Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::Node::nextSibling use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7039
MD5 | c8f489da13b7b258afa1030ba904ea43
Page 1 of 3
Back123Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close