-
Exploiting a Cross-mmap Overflow in Firefox
This post will explore how CVE-2016-9066, a simple but quite interesting (from an exploitation perspective) vulnerability in Firefox, can be exploited to gain code execution.
...
-
Pwning Lua through 'load'
In this post we’ll take a look at how to exploit the load function in Lua....
-
JSC Array.slice out-of-bounds access
CVE-2016-4622 is an out-of-bounds access bug in the C++ implementation of Array.slice. A detailed writeup of the bug can be found on Phrack; the accompanying source code can be found on GitHub.
...
-
JSC %TypedArray%.slice infoleak
Just a very quick writeup of a bug I found in JavaScriptCore a few weeks ago. The code was at that time only shipping in the Safari Technology Preview and got fixed there with release 12.
...