to clear it up, gist of the bug is that arguments.length is accessed twice, first time as actual nr of arguments, 2nd to copy them.
-
anyway nice writeup, glad you liked the bug :)
-
Thanks! I hope to learn more about webkit in the future and maybe write my own exploit one day and your exploit was a good starting point
-
the 'arguments' array is actually 0xffff, but it forgets to initialize all but the 1st: no actual out-of-bounds access happens until later
-
I have a PS4 (FAT) on 4.05. Can you rewrite it, please? pic.twitter.com/5YvpsuiWdB
-
lol and 4.01 ;)
-
as always thx to you :)
-
Thanks for the write up very interesting read!
-
Ps4 slim problem
-
I tested on slim 3.55. At the 3rd try it worked.
-
You are a god! Rooting for you in your 4.05 journey!
-
Very good! Thank you for your work and for sharing your knowledge!!
-
thank you specter
-
I'm on 4.73 :( any chance
-
How do I download or activate locked games?
-
Thank you ~