SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE
Credit to Author: SSD / Ori Nimron| Date: Mon, 29 Oct 2018 09:21:47 +0000
Vulnerabilities Summary The following advisory discusses a vulnerability found in turbofan, the JIT compiler. We can trigger the JavaScript code in a way that leads to type confusion that can be exploited in order to execute code remotely on Google Chrome Versions 69.0 and before. Vendor Response Vendor has fixed the issue in Google Chrome … Continue reading SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE
Read more