Archive for March, 2018

[webapps] antMan 0.9.0c – Authentication Bypass

Posted by deepcore under Security

antMan 0.9.0c – Authentication Bypass


CloudMe Sync 1.9.2 Remote Buffer Overflow

Posted by deepcore under exploit

CloudMe Sync version 1.9.2 remote buffer overflow exploit. Tested on Win7 32b SP1.

Softros Network Time System Server 2.3.4 Denial Of Service

Posted by deepcore under exploit

Softros Network Time System Server version 2.3.4 suffers from a denial of service vulnerability.

Chrome V8 JIT Optimization Bug

Posted by deepcore under exploit

Chrome V8 JIT suffers from a simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement optimization bug.

Chrome V8 Out-Of-Bounds Read

Posted by deepcore under exploit

Chrome V8 has an empty BytecodeJumpTable that may lead to an out-of-bounds read.

Chrome V8 JIT JSBuiltinReducer::ReduceObjectCreate NULL Check Fail

Posted by deepcore under exploit

Chrome V8 JIT JSBuiltinReducer::ReduceObjectCreate fails to ensure that the prototype is “null”.

Chrome V8 JIT GetSpecializationContext Type Confusion

Posted by deepcore under exploit

Chrome V8 JIT suffers from a type confusion vulnerability in GetSpecializationContext.

[dos] Chrome V8 JIT – Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement Optimization Bug

Posted by deepcore under Security

Chrome V8 JIT – Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement Optimization Bug


[dos] Chrome V8 JIT – 'GetSpecializationContext' Type Confusion

Posted by deepcore under Security

Chrome V8 JIT – ‘GetSpecializationContext’ Type Confusion


[dos] Chrome V8 JIT – Empty BytecodeJumpTable Out-of-Bounds Read

Posted by deepcore under Security

Chrome V8 JIT – Empty BytecodeJumpTable Out-of-Bounds Read
