This is a follow-up finding that the fix for an incorrect jit optimization with TypedArray setter in Microsoft Edge Chakra may not be sufficient.
>> CATEGORY: exploit
Microsoft Edge Charka does not handle CallInfo properly in JavascriptFunction::EntryCall.
Microsoft Edge Chakra suffers from an uninitialized arguments vulnerability.
Microsoft Edge Chakra suffers from an uninitialized arguments vulnerability in Parser::ParseFncFormals with the “PNodeFlags::fpnArguments_overriddenInParam” flag.
Microsoft Edge Chakra suffers from an integer overflow vulnerability in EmitNew.
Yet another finding that the fix for an incorrect jit optimization with TypedArray setter in Microsoft Edge Chakra may not be sufficient.
The included proof of concept file causes the traits of an ActionScript object to be accessed out of bounds in Adobe Flash. This can probably lead to exploitable type confusion.
OSNEXUS QuantaStor version 4 suffers from multiple information disclosure vulnerabilities including user enumeration.
Internet Download Manager version 6.28 Build 17 SEH unicode buffer overflow exploit.
ClipBucket version2.8.3 suffers from remote SQL injection, arbitrary file read/write, and default credential vulnerabilities.