Ad End 1 August 2026
Ad End 4 july 2026
ad End 17 June 2026
ad End 25 July 2026
banner Expire 25 July 2026
adv exp at 20 April 2026
banner Expire 25 July 2025
banner Expire 3 July 2026
Ads end 31 October 2026
Menu
What's new
By:
Filters
Ad expires at 9 July 2026
Ads end 31 October 2026
Wizard's shop 2.0
RonalClub cc shop
Patrick Stash
Luki Crown
best shop
best shop

Chrome 72.0.3626.119 filereader use-after-free

File_closed07

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
8,076
Reaction score
1,049
Points
212
Awards
2
  • trusted user
  • Rich User
[IMG]

This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling ArrayBuffer reference can be used to access the sprayed objects, allowing arbitrary memory access from Javascript.

This is used to write and execute shellcode in a WebAssembly object. The shellcode is executed within the Chrome sandbox, so you must explicitly disable the sandbox for the payload to be successful.

MD5 | 1845174659a656cb293c5dd2f17fe75c

Download

Spoiler

end

end
Click to expand...
 
You must log in or register to reply here.
Ad End 1 November 2024
Top