Back to directory
WRITEUP #327

CVE-2024-2887: A Pwn2Own Winning Bug In Google Chrome

RCEV8 JavaScript engineWebAssemblyJS sandbox breakoutBrowser hackingMemory corruption
by@_manfp(Manfred Paul)
Program
Google (Chrome)Microsoft (Edge)
Published
May 2, 2024
Added to HackDex
May 11, 2024
Read Full Writeuphttps://www.zerodayinitiative.com/blog/2024/5/2/cve-2024-2887-a-pwn2own-winning-bug-in-google-chrome
RELATED WRITEUPS
4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways
RCEBuffer Overflow
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write

Built with ❤️ by Shubham Rawat