Posts Tagged ‘memory’

Microsoft Edge textarea.defaultValue Memory Disclosure

There is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393. Source: Microsoft Edge textarea.defaultValue Memory Disclosure


Unrar VMSF_DELTA Arbitrary Memory Write

It appears that the VMSF_DELTA memory corruption that was reported to Sophos AV in 2012 (and fixed there) was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day. Source: Unrar VMSF_DELTA Arbitrary Memory Write