Getting RCE in Chrome with incorrect side effect in the JIT compiler
(github.blog)
from tedu@inks.tedunangst.com to inks@inks.tedunangst.com on 29 Sep 2023 00:06
https://inks.tedunangst.com/l/5040
In this post, I’ll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
#browser #exploit #inks #javascript #jit #programming #security