Home / os / wince

Microsoft Edge Windows 10 - Info Leak / Type Confusion Remote Code Execution

Posted on 30 November -0001

<HTML><HEAD><TITLE>Microsoft Edge (Windows 10) - Info Leak / Type Confusion Remote Code Execution</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>Microsoft Edge Windows 10 >> 'chakra.dll' >> "chakra.dll" Info Leak + Type Confusion for RCE. Tested on Windows 10 Edge (modern.ie stable). FillFromPrototypes_TypeConfusion.html: WinExec notepad.exe FillFromPrototypes_TypeConfusion_NoSC.html: 0xcc (INT 3) # PoC # Proof of Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201) # Exploit: https://github.com/TheBlaCkCoDeR09/Microsoft-Edge-Windows-10-RCE-EXPLOIT</BODY></HTML>

 

TOP