CVE-2019-11707

This exploit leverages a type confusion vulnerability in Mozilla Firefox's IonMonkey JIT compiler, specifically in the handling of Array.pop operations, leading to arbitrary memory writes and potential remote code execution.

This is a functional exploit for CVE-2019-11707, targeting a type confusion vulnerability in Mozilla Firefox's Array.pop method during JIT compilation. It achieves remote code execution by manipulating array prototypes to bypass type checks, leading to arbitrary read/write primitives and ultimately executing shellcode.

This repository contains a functional exploit for CVE-2019-11707, a type confusion vulnerability in Mozilla Firefox's SpiderMonkey JavaScript engine. The exploit leverages a prototype pollution technique to achieve arbitrary read-write primitives, leading to remote code execution (RCE).

This repository contains a functional exploit for CVE-2019-11707, a type confusion vulnerability in Mozilla's SpiderMonkey JavaScript engine. The exploit achieves arbitrary read/write primitives and executes a JIT spray to bypass mitigations, ultimately leading to remote code execution via a crafted `execve` syscall.

This repository contains a functional proof-of-concept exploit for CVE-2019-11707, a type confusion vulnerability in Mozilla Firefox's IonMonkey JIT compiler. The exploit leverages prototype pollution and JIT optimization to trigger a crash by dereferencing a controlled double value as a pointer.

This repository contains a functional exploit for CVE-2019-11707, a type confusion vulnerability in Mozilla's SpiderMonkey JavaScript engine. The exploit leverages arbitrary read/write primitives to achieve remote code execution via JIT spraying and syscall execution.