what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 130 RSS Feed

Files from Ivan Fratric

Email addressifratric at google.com
First Active2007-03-08
Last Active2024-03-18
Webkit WebCore::SimpleLineLayout::RunResolver::runForPoint Out-Of-Bounds Read
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from an out-of-bounds read in WebCore::SimpleLineLayout::RunResolver::runForPoint.

tags | exploit
advisories | CVE-2017-13784
SHA-256 | 7f0b76853cb76566efef7ad4bbe91c9b1977f8a050e942ee1915da7aaa16182d
WebKit WebCore::RenderText::localCaretRect Out-Of-Bounds Read
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from an out-of-bounds read in WebCore::RenderText::localCaretRect.

tags | exploit
advisories | CVE-2017-13785
SHA-256 | d2bf26a53165b570a6f5bd7f1fb66d35b7d3557d70deadf09f219c638ad86390
WebKit WebCore::AXObjectCache::performDeferredCacheUpdate Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::AXObjectCache::performDeferredCacheUpdate in WebKit.

tags | advisory
advisories | CVE-2017-13795
SHA-256 | 62c0de0a642ecdcec245a8979e15e6e5eae034411bc424e6de622292cdf7d05d
WebKit WebCore::PositionIterator::decrement Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::PositionIterator::decrement in WebKit.

tags | exploit
advisories | CVE-2017-13797
SHA-256 | 217896fe315974d6577ecc8038ef7d0482b7caa767addabaa181135a8707de87
WebKit WebCore::InputType::element Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::InputType::element in WebKit.

tags | exploit
advisories | CVE-2017-13792
SHA-256 | 9a6ded12652b60c99c885a3f11eb3a8a7fd2b0c6515de6074753cec8628787a6
WebKit WebCore::TreeScope::documentScope Use-After-Free
Posted Nov 22, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free security vulnerability in WebCore::TreeScope::documentScope in WebKit.

tags | exploit
advisories | CVE-2017-13796
SHA-256 | 3105ce149b3a63d509b7533ead0fa793978656a94530db60af67ab8b9675497f
Microsoft Internet Explorer 11 jscript!JsErrorToString Use-After-Free
Posted Nov 10, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Internet Explorer 11 suffers from a use-after-free vulnerability in jscript!JsErrorToString.

tags | exploit
advisories | CVE-2017-11810
SHA-256 | b68b161a3b42e7a725d37eb0375faba5d57699ba45d34baf650b120307b35284
Microsoft Edge Partial Page Loading Memory Corruption
Posted Sep 19, 2017
Authored by Ivan Fratric, Google Security Research

There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the server has finished sending the document. It is also possible that some JavaScript code is going to trigger. By making DOM modifications before the document had a chance of fully loading, followed by another set of DOM modifications after the page has been loaded, it is possible to trigger memory corruption that could possibly lead to an exploitable condition.

tags | exploit, web, javascript
advisories | CVE-2017-8731
SHA-256 | 5907d1f5e11d78ce0680fb433a3f355dee6f8223e8d01f9b8f025438c5f23e93
Microsoft Edge COptionsCollectionCacheItem::GetAt Out-Of-Bounds Read
Posted Sep 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML 14.14393) as well as Microsoft Edge 40.15063.0.0 (Microsoft EdgeHTML 15.15063).

tags | exploit, remote, code execution
advisories | CVE-2017-8734
SHA-256 | 50a17f878e4cb540b01d5045a6e10dff2e139109eb14511dd0fda4dc068c0013
Microsoft Edge DuplicateHandle ACG Bypass
Posted Sep 15, 2017
Authored by Ivan Fratric, Google Security Research

ACG (Arbitrary Code Guard) in Microsoft Edge is bypassable. The bypass has been tested on Microsoft Edge 40.15063.0.0 running on Windows 10 Enterprise 64-bit with Creators Update (Version 1703, OS build 15063.413).

tags | exploit, arbitrary
systems | windows
SHA-256 | be1f44546390cca193ef1aff01a301005ed93d7d18025eb795e529774e3bd275
Microsoft Chakra JIT Server Out-Of-Bounds Write
Posted Aug 16, 2017
Authored by Ivan Fratric, Google Security Research

The Microsoft Chakra JIT server suffers from an out-of-bounds write when processing a Js::OpCode::ProfiledLoopStart opcode.

tags | advisory
advisories | CVE-2017-8659
SHA-256 | 387a94a74877e5ae454670d88bca2108bf8b2e2ad1eedbea3c88071c8f4cfb35
Microsoft Chakra JIT Server IRBuilder::Build Integer Overflow
Posted Aug 16, 2017
Authored by Ivan Fratric, Google Security Research

The Microsoft Chakra JIT server suffers from an integer overflow in IRBuilder::Build.

tags | advisory, overflow
advisories | CVE-2017-8637
SHA-256 | 6639f5e0c1bdd2f5bed8084c2cf405fcb0a5da8cf37e3dda8f8472c91bcd2d16
Microsoft Edge CInputDateTimeScrollerElement::_SelectValueInternal Out-Of-Bounds Read
Posted Aug 16, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Edge suffers from an out-of-bounds read in CInputDateTimeScrollerElement::_SelectValueInternal. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198) and Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.

tags | exploit
systems | windows
advisories | CVE-2017-8644
SHA-256 | 0c7c105204e786ed354e8850c674a49c8d2983959710c13a19f428b802d31607
Microsoft Edge textarea.defaultValue Memory Disclosure
Posted Aug 10, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.

tags | exploit
systems | windows
advisories | CVE-2017-8652
SHA-256 | 6c092dbe2c1f903c835e705268adc2d309af972d14f860be14610356e48c272c
WebKit WebCore::RenderSearchField::addSearchResult Heap Buffer Overflow
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::RenderSearchField::addSearchResult heap buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-7049
SHA-256 | 4857989b812be535ca2a0333f4fc063225535c5a1fe5d4ed290ef1ed550fe158
WebKit WebCore::AccessibilityNodeObject::textUnderElement Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::AccessibilityNodeObject::textUnderElement use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7048
SHA-256 | 2c4791349359086c7adcb2d645742cfa4c6b35eba2831689924c2a562b2a4f62
WebKit WebCore::RenderObject Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a use-after-free vulnerability in WebCore::RenderObject with accessibility enabled.

tags | exploit
advisories | CVE-2017-7046
SHA-256 | 6f4055f8c47d2cd352507cfd33da6af6a1b23136f339db9715ff1454fc57d670
WebKit WebCore::AccessibilityRenderObject::handleAriaExpandedChanged Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::AccessibilityRenderObject::handleAriaExpandedChanged use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7043
SHA-256 | 98991424a644c47d5333233cabf4be78b0b7efb8db1eb885c5daeef0bfbfa1d2
WebKit WebCore::InputType::element Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::InputType::element use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7042
SHA-256 | 26accfef3c015e940fb5ee457cb6a29a72c381aeafaf3f15e41b5c7a42c7d015
WebKit WebCore::Node::getFlag Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::Node::getFlag use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7041
SHA-256 | 6eef1993e0cd62e0fad5f186f71640c1ddc0dd0940b55f1ad76e91e12504c088
WebKit WebCore::getCachedWrapper Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::getCachedWrapper use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7040
SHA-256 | b0d62cf7ab42c752da7c6b95126b1b47b02f6705a61df1f00207db405ed0dcff
WebKit WebCore::Node::nextSibling Use-After-Free
Posted Jul 25, 2017
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::Node::nextSibling use-after-free vulnerability.

tags | exploit
advisories | CVE-2017-7039
SHA-256 | 8fb09a6df3645a5bb6ae947a46e56826654f1c6c20cf3208f9247bd19743e887
Microsoft Internet Explorer VBScript Type Confusion
Posted Jul 19, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Internet Explorer suffers from a VBScript arithmetic function type confusion vulnerability.

tags | exploit
SHA-256 | f40f028ace681031a746b0e8ecc785e770f04baf897fa1f1b397ec507e8a1a00
Microsoft Internet Explorer 11 CMarkup::DestroySplayTree Memory Corruption
Posted Jul 18, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Internet Explorer suffers from a memory corruption vulnerability in CMarkup::DestroySplayTree. The bug was confirmed on IE version 11.0.9600.18617 (Update version 11.0.40) running on Windows 7 64-bit.

tags | exploit
systems | windows
advisories | CVE-2017-8594
SHA-256 | c58903dd193f7839cd836f12f61a126151db2248cb30e60241e98c8ec782dd43
Microsoft Edge CssParser::RecordProperty Type Confusion
Posted Jun 24, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Edge suffers from a type confusion vulnerability in CssParser::RecordProperty.

tags | exploit
advisories | CVE-2017-8496
SHA-256 | 1aa785f1fd6f0eb74b2354c469073d303a744ebbead37d6b9b3783902311bdfb
Page 4 of 6
Back23456Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close