Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-4863 PoC — Google Chrome 缓冲区错误漏洞

Source
https://github.com/mistymntncop/CVE-2023-4863
Associated Vulnerability
Title:Google Chrome 缓冲区错误漏洞 (CVE-2023-4863)
Description:Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Readme
# CVE-2023-4863/CVE-2023-41064
A POC for CVE-2023-4863. NOT an exploit
Shout to @benhawkes who discovered the right set of code_lengths to trigger this vulnerability!
Please consult Ben's blog post for more information!
https://blog.isosceles.com/the-webp-0day/
File Snapshot

 [4.0K]  /data/pocs/d8adeefe7e35d0b33c8e88991d033b3e76404f45
├── [ 236]  bad.webp
├── [ 19K]  craft.c
├── [336K]  graphviz - 40, 410 tree.png
├── [690K]  graphviz - 40, 414 tree.png
├── [ 350]  nso.webp
├── [1.6K]  print_tree.c
└── [ 265]  README.md

0 directories, 7 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →