There's a bunch of misinformation about the new Firefox exploit so I'd like to clear a few things up. https://twitter.com/movrcx/status/803744059022069760 …
This Tweet is unavailable.
-
First off, it's a garden variety use-after-free, not a heap overflow, and it affects the SVG parser Firefox.
MWR published research in this area years ago in WebKit, and it appears that Firefox is lagging a few years behind. https://labs.mwrinfosecurity.com/blog/mwr-labs-pwn2own-2013-write-up-webkit-exploit/ …
-
-
As far as exploit techniques, this is a routine UAF that heap sprays a controlled object to kick off a ROP chain. Pwn2Own 2012-level tech.
-
The controlled object eventually gives them RW access to memory, then its game over.
- 12 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.