{"uuid": "8f099e18-f6c2-41d2-83c6-271de635a1af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-17463", "type": "published-proof-of-concept", "source": "https://t.me/ExcreamOnSecurity/115", "content": "Exploiting Logic Bugs in JavaScript JIT Engines\n\nThis article strives to give an introduction to just-in-time (JIT)\ncompiler vulnerabilities using the example of CVE-2018-17463, a bug found\nthrough source code review and used as part of the hack2win [1] competition\nin September 2018. The vulnerability was afterwards patched by Google with\ncommit 52a9e67a477bdb67ca893c25c145ef5191976220 \"[turbofan] Fix\nObjectCreate's side effect annotation\" and the fix was made available to\nthe public on October 16th with the release of Chrome 70.\n\nhttp://phrack.org/papers/jit_exploitation.html\n\n#jit #exploitation #chrome", "creation_timestamp": "2019-05-08T00:04:39.000000Z"}