Google Chrome remote code execution flaw detailed, PoC released – Help Net Security

chrome-400x200

Vulnerability broker Beyond Security has released details about and Proof of Concept code for a remote code execution bug affecting Google Chrome.

“The [type confusion] vulnerability results from incorrect optimization by the turbofan compiler, which causes confusion between access to an object array and a value array, and therefore allows to access objects as if they were values by reading them as if they were values (thus receiving their in memory address) or vice-versa to write values into an object array and thus being able to fake objects completely,” the company explained.

Click here to view original web page at www.helpnetsecurity.com

Categories:

Your e-mail address will not be published.
Required fields are marked*