
Monday, December 5, 2016

[FD] CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption

Since November I have been releasing details on all vulnerabilities I found in web-browsers that I had not released before. I will try to continue to publish all my old vulnerabilities, including those not in web-browsers, as long as I can find some time to do so. If you find this information useful, you can help me make some time available by donating bitcoin to 183yyxa9s1s1f7JBpPHPmzQ346y91Rx5DX.

This is the twenty-fifth entry in the series. This information is available in more detail on my blog at http://ift.tt/2h7aAC9. There you can find repros that triggered this issue in addition to the information below.

Today's release is interesting, as I accidentally published a repro for this as part of #DailyBug on twitter in May of this year, believing at the time that it was a simple NULL pointer:
https://twitter.com/berendjanwever/status/729957166447218688

I found out not too long after that, that it was actually a security vulnerability. Details on how this happened are below.

Follow me on http://twitter.com/berendjanwever for daily browser bugs.

MS Edge CBaseScriptable::PrivateQueryInterface memory corruption
================================================================
(MS16-068, CVE-2016-3222)

Synopsis

Source: Gmail -> IFTTT-> Blogger
