Skip to content
/ chakra-type-confusions Public

Chakra Type Confusions - PoCs of Edge's legacy JS engine vulnerabilities that inject code into the JIT process

6 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ommadawn46/chakra-type-confusions

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
js
js
 
 
util
util
 
 
README.md
README.md
 
 
chakra-type-confusions.html
chakra-type-confusions.html
 
 

Repository files navigation

Chakra Type Confusions

This repository contains PoCs for type confusion vulnerabilities in the ChakraCore engine used by Microsoft Edge (EdgeHTML version, not Chromium-based Edge).

The PoCs inject dummy code (specifically an int 3 followed by nop) into a Just-In-Time (JIT) compilation process.

To verify the PoCs, attach a debugger to a JIT compilation process (one of the MicrosoftEdgeCP.exe processes) and execute the PoCs.

Tested Environment

  • Windows 10 Version 1703 (OS Build 15063.0)

Type Confusion Vulnerabilities

References

About

Chakra Type Confusions - PoCs of Edge's legacy JS engine vulnerabilities that inject code into the JIT process

Topics

chakra chakracore browser-exploitation type-confusion cve-2019-0567 cve-2019-0539 cve-2018-8617

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages