Exploitation Summary
EIP tracks 1 public exploit for CVE-2018-6064. PoCs published by Google Security Research.
AI-analyzed exploit summary
This PoC exploits a type confusion vulnerability in V8's elements handling, where a getter can alter the array's elements kind during iteration, leading to memory corruption. The exploit triggers the issue via `Object.entries` on a maliciously crafted array.
Description
Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Exploits (1)
References (7)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H