Exploit the possiblities
Showing 1 - 25 of 87 RSS Feed

Files from lokihardt

First Active2017-02-24
Last Active2018-01-18
Microsoft Edge Chakra AsmJSByteCodeGenerator::EmitCall Call Handling
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an AsmJSByteCodeGenerator::EmitCall call handling bug.

tags | exploit
advisories | CVE-2018-0780
MD5 | 1c7860ec256452b1d95a1e70975c4a35
Microsoft Edge Chakra JIT Loop Analysis Bug
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a loop analysis bug that can perform an out-of-bounds write.

tags | exploit
advisories | CVE-2018-0777
MD5 | ff08702b950d0869cae0d738a90cb6ac
Microsoft Edge Chakra JIT Stack-To-Heap Copy Bug
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a stack-to-heap copy bug.

tags | exploit
advisories | CVE-2018-0776
MD5 | 380e5767238c8dcf3ac7de7f26e6998c
Microsoft Edge Chakra Deferred Parsing
Posted Jan 18, 2018
Authored by Google Security Research, lokihardt

Microsoft Egde Chakra deferred parsing makes wrong scopes.

tags | exploit
advisories | CVE-2018-0775
MD5 | 8ebf986754c648c945c174f53fac15d2
Microsoft Edge Chakra Incorrect Scope Handling
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an incorrect scope handling vulnerability.

tags | exploit
advisories | CVE-2018-0774
MD5 | f9aa042a0c635706708db62651d0068a
Microsoft Edge Chakra JavascriptGeneratorFunction::GetPropertyBuiltIns Exposure
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a JavascriptGeneratorFunction::GetPropertyBuiltIns exposure of scriptFunction.

tags | exploit
advisories | CVE-2017-11914
MD5 | e8df0b0b2e1f9ed2b06276033e5b5645
Microsoft Edge Chakra JIT Incorrect Bounds Calculation
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an out-of-bounds write vulnerability.

tags | exploit
advisories | CVE-2018-0769
MD5 | cd3a0e785ae920d4c8bf5b53a4cc3e8f
Microsoft Edge Chakra AppendLeftOverItemsFromEndSegment Out-Of-Bounds Read
Posted Jan 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an out-of-bounds read in AppendLeftOverItemsFromEndSegment.

tags | advisory
advisories | CVE-2018-0767
MD5 | 6cfc877917d7438791ce00f168c6b410
Microsoft Edge Chakra JIT Missing Integer Overflow Check
Posted Jan 11, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a missing integer overflow check in Lowerer::LowerSetConcatStrMultiItem.

tags | exploit, overflow
advisories | CVE-2018-0758
MD5 | 65fafc5cbcfc312f3b6de6a81d4ce4c3
Microsoft Edge Chakra JIT Escape Analysis Bug
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values.

tags | exploit
advisories | CVE-2017-11918
MD5 | f49a75546e986ccb23882860abd5f185
Microsoft Edge Chakra JIT asm.js Out-Of-Bounds Read
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an out-of-bounds read in asm.js.

tags | exploit
advisories | CVE-2017-11911
MD5 | 0ad7db805f5e80c2d07d8d3efece99ce
Microsoft Edge Chakra JIT BackwardPass::RemoveEmptyLoopAfterMemOp Failed Insert
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT has an issue where BackwardPass::RemoveEmptyLoopAfterMemOp does not insert branches.

tags | exploit
advisories | CVE-2017-11909
MD5 | dc948f248dc2d2bfd1f170d86c25f83c
Microsoft Edge Chakra JIT Op_MaxInAnArray / Op_MinInAnArray Misuse
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT has an issue where Op_MaxInAnArray and Op_MinInAnArray Misuse can explicitly call user defined JavaScript functions.

tags | exploit, javascript
advisories | CVE-2017-11893
MD5 | 077ed40c3d16dd77486c3f7c155974d8
Microsoft Edge Chakra JIT Incorrect Function Declaration Scope
Posted Nov 25, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an incorrect function declaration scope.

tags | exploit
advisories | CVE-2017-11870
MD5 | 3f27494ced33a270a79920688e517df8
Microsoft Edge Chakra JIT Inline::InlineCallApplyTarget_Shared Failed Return
Posted Nov 25, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT Inline::InlineCallApplyTarget_Shared does not return the return instruction.

tags | exploit
advisories | CVE-2017-11841
MD5 | a4510584c0f734fd5474e401bf490892
Microsoft Edge Chakra JIT GlobOpt::OptTagChecks Property Consideration
Posted Nov 25, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT GlobOpt::OptTagChecks must consider IsLoopPrePass properly.

tags | exploit
advisories | CVE-2017-11840
MD5 | 5bd662559cea0fe382cb5b1af85cbdb3
Microsoft Edge Chakra JIT BailOutOnTaggedValue Bailouts
Posted Nov 25, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT BailOutOnTaggedValue bailouts can be generated for constant values.

tags | exploit
advisories | CVE-2017-11839
MD5 | b08560e7ac644d466d3a2421baf54863
Microsoft Edge Chakra JIT Bailout Generation
Posted Nov 16, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a JIT issue where bailouts must be generated for OP_Memset.

tags | exploit
advisories | CVE-2017-11873
MD5 | c404973e6b026871d91a362e59d73a57
Microsoft Edge Charka JIT Incorrect Check
Posted Nov 16, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a Jit related incorrect integer overflow check in Lowerer::LowerBoundCheck.

tags | exploit, overflow
advisories | CVE-2017-11861
MD5 | f57dbe49f45b04c0077db21db1563088
Microsoft Edge Chakra JIT Type Confusion
Posted Nov 16, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a JIT related type confusion vulnerability with switch statements.

tags | exploit
advisories | CVE-2017-11811
MD5 | 8f8c70e8979dd42b0451c66d98b096e6
Microsoft Edge Object.setPrototypeOf Memory Corruption
Posted Nov 16, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge suffers from a memory corruption vulnerability in Object.setPrototypeOf.

tags | exploit
advisories | CVE-2017-8751
MD5 | 92759ead0f53bf182fa98170e0d5a064
Microsoft Edge Chakra StackScriptFunction::BoxState::Box Uninitialized Pointers
Posted Oct 14, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra accesses uninitialized pointers in StackScriptFunction::BoxState::Box.

tags | exploit
advisories | CVE-2017-11809
MD5 | 18e6e8dec6b5f143ccd448fce096def8
Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call
Posted Oct 14, 2017
Authored by Google Security Research, lokihardt

The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating "ImplicitCallFlags". But "RegexHelper::StringReplace" calls the replace function without updating the flag. Therefore it fails to detect if a user function was called.

tags | exploit
advisories | CVE-2017-11802
MD5 | 59bdc94ef54bad4cc587d3c9269d17cb
Microsoft Edge Chakra JIT Incorrect GenerateBailOut Calling Patterns
Posted Oct 14, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT compiler creates incorrect GenerateBailOut calling patterns.

tags | exploit
advisories | CVE-2017-11799
MD5 | 11f1ed6218c70a607f5e232014a97289
WebKit JSC Incorrect Optimization
Posted Oct 3, 2017
Authored by Google Security Research, lokihardt

A proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC.

tags | exploit, proof of concept
advisories | CVE-2017-7117
MD5 | c93b1f362e5c29a309a5639c5750833c
Page 1 of 4
Back1234Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    8 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close