Microsoft Internet Explorer 9 jscript9 JavaScriptStackWalker Memory Corruption
Posted by deepcore on December 7, 2016 – 6:54 am
A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. A pointer set up to point to certain data on the stack can be used after that data has been removed from the stack. This results in a stack-based analog to a heap use-after-free vulnerability. The stack memory where the data was stored can be modified by an attacker before it is used, allowing remote code execution.
Post a reply
You must be logged in to post a comment.