Showing 1 - 5 of 5

CVE-2019-5786

Status Candidate

Overview

Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

Related Files

Chrome Browser FileReader Use-After-Free: Posted Mar 3, 2021; Authored by Akshay Sharma; This whitepaper goes into detail on how to leverage a Chrome Browser use-after-free vulnerability in FileReader with Metasploit.; tags | paper; advisories | CVE-2019-5786; MD5 | 223b37e61fd45dae8f42b5c2aab41495; Download | Favorite | View

Chrome 72.0.3626.119 FileReader Use-After-Free: Posted May 8, 2019; Authored by Clement LECIGNE, timwr, Istvan Kurucsai | Site metasploit.com; This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling ArrayBuffer reference can be used to access the sprayed objects, allowing arbitrary memory access from Javascript. This is used to write and execute shellcode in a WebAssembly object. The shellcode is executed within the Chrome sandbox, so you must explicitly disable the sandbox for the payload to be successful.; tags | exploit, arbitrary, x86, javascript, shellcode; systems | windows, 7; advisories | CVE-2019-5786; MD5 | 1845174659a656cb293c5dd2f17fe75c; Download | Favorite | View

Gentoo Linux Security Advisory 201903-23: Posted Mar 28, 2019; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201903-23 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the remote execution of code. Versions less than 73.0.3683.75 are affected.; tags | advisory, remote, vulnerability; systems | linux, gentoo; advisories | CVE-2018-17479, CVE-2019-5786, CVE-2019-5787, CVE-2019-5788, CVE-2019-5789, CVE-2019-5790, CVE-2019-5791, CVE-2019-5792, CVE-2019-5793, CVE-2019-5794, CVE-2019-5795, CVE-2019-5796, CVE-2019-5797, CVE-2019-5798, CVE-2019-5799, CVE-2019-5800, CVE-2019-5801, CVE-2019-5802, CVE-2019-5803, CVE-2019-5804; MD5 | 907460bdcf468c12ba4df32e8a1dfe34; Download | Favorite | View

Debian Security Advisory 4404-1: Posted Mar 11, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4404-1 - Clement Lecigne discovered a use-after-free issue in chromium's file reader implementation. A maliciously crafted file could be used to remotely execute arbitrary code because of this problem.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2019-5786; MD5 | f259f323229f50aeb91583a49ffac28b; Download | Favorite | View

Red Hat Security Advisory 2019-0481-01: Posted Mar 11, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0481-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 72.0.3626.121. Issues addressed include a use-after-free vulnerability.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2019-5786; MD5 | 76a151840b23bbe457bb7058e4c960dd; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 83 files
Ubuntu 38 files
malvuln 37 files
Richard Jones 11 files
th3d1gger 5 files
thc 4 files
Rajvardhan Agarwal 4 files
Gentoo 4 files
gosh 3 files
xynmaps 3 files

File Archives

Systems

AIX (421)
Apple (1,781)
BSD (368)
CentOS (52)
Cisco (1,903)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,044)
HPUX (873)
iOS (288)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,719)
Mac OS X (675)
Mandriva (3,105)
NetBSD (255)
OpenBSD (473)
RedHat (9,873)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,197)
UNIX (8,872)
UnixWare (180)
Windows (5,890)
Other

CVE-2019-5786

Overview

Related Files

File Archive:

April 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems