• Exploiting a Cross-mmap Overflow in Firefox

  Mar 10, 2017

  This post will explore how CVE-2016-9066, a simple but quite interesting (from an exploitation perspective) vulnerability in Firefox, can be exploited to gain code execution.

  ...

• Pwning Lua through 'load'

  Jan 1, 2017

  In this post we’ll take a look at how to exploit the load function in Lua.

  ...

• JSC Array.slice out-of-bounds access

  Oct 29, 2016

  CVE-2016-4622 is an out-of-bounds access bug in the C++ implementation of Array.slice. A detailed writeup of the bug can be found on phrack, the accompanying source code can be found on github.

  ...

• JSC %TypedArray%.slice infoleak

  Sep 19, 2016

  Just a very quick writeup of a bug I found in JavaScriptCore a few weeks ago. The code was at that time only shipping in the Safari Technology Preview and got fixed there with release 12.

  ...

subscribe via RSS