header-logo
Suggest Exploit
vendor:
Project Zero
by:
Project Zero
7,8
CVSS
HIGH
Out-of-Bounds Read
125
CWE
Product Name: Project Zero
Affected Version From: 0.1
Affected Version To: 0.2
Patch Exists: YES
Related CWE: CVE-2020-1212
CPE: a:project_zero:project_zero
Metasploit: https://www.rapid7.com/db/vulnerabilities/msft-cve-2020-1212/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2020

The attached file causes an out-of-bounds read in avc edge processing.

A vulnerability in the avc edge processing of the Project Zero project could allow an attacker to read data from memory locations outside of the intended bounds. This could lead to the disclosure of sensitive information, such as passwords, or the execution of arbitrary code.

Mitigation:

The Project Zero team has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1212

The attached file causes an out-of-bounds read in avc edge processing.


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42247.zip

Navigation

Suggest Exploit

Services By CQR