Awesome
Case Study of Browser DOM Vulnerabilities
Inspired by js-vuln-db
Chrome
| CVE Number / ID | Module | Label | Credit |
|---|---|---|---|
| CVE-2018-6073 | WebGL | Heap Overflow | om...@krash.in |
| CVE-2018-16082 | sw::Surface | Stack Overflow | om...@krash.in |
| CR-666246 | HTMLSelectElement | UAF | ifratric |
Firefox
| CVE Number | Module | Label | Credit |
|---|---|---|---|
| CVE-2016-9079 | nsSMILTimeContainer | UAF | Daniel Veditz |
| CVE-2017-5447 | gfxTextRun | OOB Read | ifratric |
| CVE-2017-5465 | ConvolvePixel | Memory Disclosure | ifratric |
Edge
| CVE Number | Module | Label | Credit |
|---|---|---|---|
| CVE-2016-0003 | CDOMTextNode | Type Confusion | unknown |
| CVE-2017-0037 | CssParser | Type Confusion | ifratric |
| CVE-2017-8496 | CssParser | Type Confusion | ifratric |
| CVE-2018-1021 | CFormElement | OOB Read | akayn |
Webkit
| CVE Number | Module | Label | Credit |
|---|---|---|---|
| CVE-2018-4197 | RenderTreeBuilder | UAF | ifratric |
| CVE-2018-4306 | Node | UAF | ifratric |
| CVE-2018-4312 | AXObjectCache | UAF | ifratric |
| CVE-2018-4315 | SVGTRefElement | UAF, SVG | ifratric |
| CVE-2018-4317 | RenderLayer | UAF | ifratric |
| CVE-2018-4318 | SVGTextLayoutAttributes | UAF, SVG | ifratric |
| CVE-2018-4323 | RenderMultiColumnSet | UAF | ifratric |
| CVE-2018-4328 | InlineTextBox | OOB Read | ifratric |
IE
| CVE Number | Module | Label | Credit |
|---|---|---|---|
| CVE-2012-4792 | CButton | UAF | unknown |
| CVE-2015-6152 | CObjectElement | UAF | unknown |
| CVE-2018-8460 | CStyleAttrArray | Double Free | Simon Zuckerbraun |