[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FD] 1503A - Chrome - ui::AXTree::Unserialize use-after-free
- To: Full-disclosure <fulldisclosure@xxxxxxxxxxxx>
- Subject: [FD] 1503A - Chrome - ui::AXTree::Unserialize use-after-free
- From: Berend-Jan Wever <berendjanwever@xxxxxxxxx>
- Date: Fri, 17 Jul 2015 02:00:35 +0200
T*L;DR*
After 60 day deadline has passed, I am releasing details on an unfixed
use-after-free vulnerability in Chrome's accessibility features, which are
disabled by default. The issue does not look exploitable.
*More details*
http://berendjanwever.blogspot.nl/2015/07/1503a-chrome-uiaxtreeunserialize-use.html
*Chromium bug*https://code.google.com/p/chromium/issues/detail?id=479743
Cheers,
SkyLined
---- Gratuitous ASCII
---------------------------------------------------------
db
db
SOMEBODYb SETUPUS SS
SS
SS db db db CSb, db CD CD SS
SS
;S; CTHEBOMBSb ,SY' CMOVEZIGb ,SY' `" SS_ SS
SS
,SP SS SS _qSS" SP _qSS" iD SSSSb,_ SS
SS
dSYb iS' SS CS7"SS ,SP` CS7"SS ,SS` SS `'*YD YP
YP
dS' Yb ,S* SP SS _,S7' SS _,dSP'
SS
4S' YD C* CSP` YP CS7"` YP CS7' YP CD
CD
for great
justice
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/