CVE-2019-0539

Published: 08/01/2019 Updated: 05/03/2019
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 778
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568.

Affected Products

Vendor | Product | Versions
Microsoft | Chakracore | -
Microsoft | Edge | -

Exploits

/* Issue description: This is similar to issue 1702 (www.exploit-db.com/exploits/46203). This time, it uses an InitClass instruction to reach the SetIsPrototype method. PoC: */ function opt(o, c, value) { o.b = 1; class A extends c { } o.a = value; } function main() { for (let i = 0; i < 2000; i++) { ...
<html> <script> /* # Exploit Title: [getting Read permission through Type Confusion] # Date: [date] # Exploit Author: [Fahad Aid Alharbi] # Vendor Homepage: [www.microsoft.com/en-us/] # Version: [Chakra 1_11_4] (REQUIRED) # Tested on: [Windows 10] # CVE : [cve-2019-0539] */ /* author @0x4142 => Fahad Aid Alharbi * cve-2019 ...
NewScObjectNoCtor and InitProto opcodes are treated as having no side effects, but actually they can have via the SetIsPrototype method of the type handler that can cause transition to a new type. This can lead to type confusion in the JITed code. In the PoC, it overwrites the pointer to property slots with 0x1000000001234. PoC for NewScObjectNo ...

Mailing Lists

Microsoft Edge Chakra version 1.11.4 read permission via type confusion proof of concept exploit ...

Github Repositories

From noob to 0day developer. Introduction: the reason why I'm writing this kind of how-to for turning you into an exploit writer is because I was in the same boat as you, so I had to research link by link to find the right ones. I call this kind of how-to course from noob to hero, covering the basics of penetration testing to the hottest topic such as Sandbox Escape. The inspirat

Awesome Advanced Windows Exploitation References. List of Awesome Advanced Windows Exploitation References. This list is for anyone wishing to upgrade on their Windows Exploitation Knowledge. Anyway, this is a living resource and will update regularly with latest research articles/talks of awesome researchers. Kudos to all original authors of each research ref. You can help by s

Case Study of JavaScript Engine Vulnerabilities
V8
CVE Number | Feature | Keywords | Credit
CVE-2013-6632 | TypedArray | Integer Overflow, OOB | Pinkie Pie
CVE-2014-1705 | TypedArray | Invalid Array Length, OOB | geohot
CVE-2014-3176 | Array.concat | Side Effect, OOB | lokihardt
CVE-2014-7927 | Optimization | asm.js, OOB | Christian Holler
CVE-2014-7928 | Optimization | Array | Christian Holler
C

Awesome CVE PoC. A curated list of CVE PoCs. Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security. Please read the contribution guidelines before contributing. This repo is full of PoCs for CVEs. If you enjoy this awesome list and would like to support it, check out my Patreon page :