Forrest Orr

5 exploits Active since Jul 2019
CVE-2019-17026 EXPLOITDB HIGH javascript WORKING POC
Mozilla Firefox < 68.4.1 - Type Confusion
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
CVSS 8.8
CVE-2020-0674 EXPLOITDB HIGH javascript WORKING POC
Microsoft Internet Explorer - Use After Free
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
CVSS 7.5
EIP-2026-117501 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 11 32-bit - Use-After-Free
CVE-2019-11707 EXPLOITDB HIGH text WORKING POC
Mozilla Firefox < 60.7.1 - Type Confusion
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
CVSS 8.8
CVE-2019-13720 EXPLOITDB HIGH javascript WORKING POC
Google Chrome <78.0.3904.87 - Use After Free
Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8