Editing Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 456: | Line 456: | ||
* Lokihardt (from Google Project Zer0) for the exploit PoC (Sep 13, 2018) | * Lokihardt (from Google Project Zer0) for the exploit PoC (Sep 13, 2018) | ||
* Fire30 for turning the vulnerability into exploit for PS4 (Dec 30, 2019) | * Fire30 for turning the vulnerability into exploit for PS4 (Dec 30, 2019) | ||
==== Analysis ==== | ==== Analysis ==== | ||
Line 468: | Line 467: | ||
It is possible to craft Javascript in such a way that allows for an object to be passed as the property variable directly as a string to the op_get_direct_pname handler without being properly validated. | It is possible to craft Javascript in such a way that allows for an object to be passed as the property variable directly as a string to the op_get_direct_pname handler without being properly validated. | ||
==== Exploit Implementation ==== | ==== Exploit Implementation ==== |