
Tuesday, December 6, 2016

Re: [FD] CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption

FYI: this link to my blog was 404 until early this morning. It is now up if you are still interested in reading it.

On 05-12-2016 11:55, Berend-Jan Wever wrote:
> Since November I have been releasing details on all vulnerabilities I
> found in web-browsers that I had not released before. I will try to
> continue to publish all my old vulnerabilities, including those not in
> web-browser, as long as I can find some time to do so. If you find this
> information useful, you can help me make some time available by donating
> bitcoin to 183yyxa9s1s1f7JBpPHPmzQ346y91Rx5DX.
>
> This is the twenty-fifth entry in the series. This information is
> available in more detail on my blog at
> http://ift.tt/2h7aAC9. There you can find repros
> that triggered this issue in addition to the information below.
>
> Today's release is interesting, as I accidentally published a repro for
> this as part of #DailyBug on twitter in May of this year, believing at
> the time that it was a simple NULL pointer:
> https://twitter.com/berendjanwever/status/729957166447218688
> I found out not too long after that, that it was actually a security
> vulnerability. Details on how this happened are below.
>
> Follow me on http://twitter.com/berendjanwever for daily browser bugs.
>
> MS Edge CBaseScriptable::PrivateQueryInterface memory corruption
> ================================================================
> (MS16-068, CVE-2016-3222)
>
> Synopsis

Source: Gmail -> IFTTT-> Blogger
