Firefox 72 IonMonkey JIT Type Confusion – Torchsec
May 13th, 2021 | ๐
Powered by iSpeech # Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion# Date: 2021-05-10# Exploit Author: deadlock (Forrest Orr)#
May 13th, 2021 | ๐
Powered by iSpeech # Exploit Title: Firefox 72 IonMonkey - JIT Type Confusion# Date: 2021-05-10# Exploit Author: deadlock (Forrest Orr)#
June 27th, 2019 | ๐
iSpeech.org The following program (found through fuzzing and manually modified) crashes Spidermonkey built from the current beta channel and Firefox
May 30th, 2019 | ๐
https://www.ispeech.org/text.to.speech While fuzzing Spidermonkey, I encountered the following (commented and modified) JavaScript program which crashes debug builds of the latest
May 30th, 2019 | ๐
https://www.ispeech.org IonMonkey can, during a bailout, leak an internal JS_OPTIMIZED_OUT magic value to the running script. This magic value can
April 28th, 2019 | ๐
iSpeech CVSS Meta Temp Score Current Exploit Price (โ) 6.0 $5k-$25k A vulnerability, which was classified as critical, was found
April 27th, 2019 | ๐
https://www.ispeech.org CVSS Meta Temp Score Current Exploit Price (โ) 4.1 $0-$5k A vulnerability was found in Mozilla Firefox, Firefox ESR
April 27th, 2019 | ๐
https://www.ispeech.org/text.to.speech CVSS Meta Temp Score Current Exploit Price (โ) 6.0 $5k-$25k A vulnerability, which was classified as critical, has been
April 27th, 2019 | ๐
https://www.ispeech.org/text.to.speech CVSS Meta Temp Score Current Exploit Price (โ) 6.0 $5k-$25k A vulnerability, which was classified as critical, was found
March 30th, 2019 | ๐
Text to Speech SpiderMonkey: IonMonkey compiled code fails to update inferred property types, leading to type confusions Related CVE Numbers:
March 27th, 2019 | ๐
iSpeech Spidermonkey: IonMonkey's type inference is incorrect for constructors entered via OSR Related CVE Numbers: CVE-2019-9791. A bug in IonMonkeys
Gloss