• Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

spidermonkey

  1. 1

    Exploits Spidermonkey IonMonkey Incorrect Prediction

    Spidermonkey IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusion vulnerabilities. View the full article
  2. 1

    Exploits Spidermonkey IonMonkey JS_OPTIMIZED_OUT Value Leak

    Spidermonkey IonMonkey can, during a bailout, leak an internal JS_OPTIMIZED_OUT magic value to the running script. This magic value can then be used to achieve memory corruption. View the full article
  3. 1

    Exploits SpiderMonkey IonMonkey Type Confusion

    A bug in IonMonkey leaves type inference information inconsistent, which in turn allows the compilation of JITed functions that cause type confusions between arbitrary objects. View the full article
  4. 1

    Exploits SpiderMonkey IonMonkey Type Confusion

    A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement (OSR) allows the compilation of JITed functions that cause type confusions between arbitrary objects. View the full article
Back
Top