CVE-2023-2133 Poc

CVE-2023-2133 Poc

vZip by Prapattimynk

🔥Memory corruption due to accessing invalid context(Issue 1429197, CVE-2023-2133)The functionServiceWorkerGlobalScope::FetchHandlerTypecallsJSEventListener::GetEffectiveFunctionat line, and the latter

Android Android 5.0Exploits And POCs
( 231 ratings )
Price: $0
File CVE-2023-2133
Publisher Prapattimynk
Genre Exploits And POCs
Size 1 kb
File Type Zip
Os All
Mod Version Zip
Report Report
CVE-2023-2133 is the most famous version in the CVE-2023-2133 series of publisher
Download

🔥Memory corruption due to accessing invalid context(Issue 1429197, CVE-2023-2133)
The function

ServiceWorkerGlobalScope::FetchHandlerType

calls

JSEventListener::GetEffectiveFunction

at line, and the latter may calls

v8::Object::Get

to retrieve the “handleEvent” property of the listener object . If “handleEvent” is an accessor, Invoke will be called to execute the getter. The problem is that the caller (

FetchHandlerType

) does not ensure a valid context exists at this time, resulting in memory corruption for accessing invalid context object at line.

How to reproduce:
1️⃣ Host

poc.html

&

worker.js

:

python -m http.server 8000

2️⃣

out\release\chrome.exe http://localhost:8000/poc.html


Recommended for You

You may also like

Comments

Your email address will not be published. Required fields are marked *

Next Post X
Ads Blocker Image Powered by Code Help Pro

AdBlocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.