Microsoft Windows JScript RegExp.lastIndex Use-After-Free
Posted by deepcore on August 29, 2018 – 6:55 am
There is a use-after-free vulnerability in jscript.dll related to how the lastIndex property of a RegExp object is handled. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network. The vulnerability has been reproduced on multiple Windows versions with the most recent patches applied.
Post a reply
You must be logged in to post a comment.