{"vulnerability": "CVE-2019-0567", "sightings": [{"uuid": "54eacd62-ec79-4cdd-ac98-7816e4ba74af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "seen", "source": "MISP/5c360a14-9018-4d13-b6c9-714c0a021402", "content": "", "creation_timestamp": "2019-01-09T14:53:48.000000Z"}, {"uuid": "da3d7371-a56c-4145-935e-1da673e5aa15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46203", "content": "", "creation_timestamp": "2019-01-18T00:00:00.000000Z"}, {"uuid": "65ce9192-e15e-4e4f-a464-a50e43037a71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:53.000000Z"}, {"uuid": "c0802dd6-f07d-4677-bcfa-57ca438e15f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9046", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1).\n\nhttps://connormcgarr.github.io/type-confusion-part-1/", "creation_timestamp": "2022-03-16T15:23:15.000000Z"}, {"uuid": "4ba297b9-4660-4a7c-897a-19affff5fe6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13059", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion.\n\nPart 3: https://connormcgarr.github.io/type-confusion-part-3/", "creation_timestamp": "2024-06-04T16:23:56.000000Z"}, {"uuid": "eda9bd89-8ff0-43df-b3e7-86b4ec7ace51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12568", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Browser Exploitation on Windows!\n\nCVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2):\nhttps://connormcgarr.github.io/type-confusion-part-2/\n\nCVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 3):\nhttps://connormcgarr.github.io/type-confusion-part-1/", "creation_timestamp": "2024-03-21T18:32:47.000000Z"}, {"uuid": "5adb82bc-45c7-4535-897f-a83078b15c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/336", "content": "|Exploit Development: Browser Exploitation on Windows|\n\n\ud83d\udee1\u0422\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445!\n\u0421\u0435\u0440\u0438\u044f \u0441\u0442\u0430\u0442\u0435\u0439 \u043f\u0440\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u0435\u0442\u0441\u044f:\n\ud83d\udca5\u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u044b, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043d\u0430\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u0434\u043b\u044f \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\n\ud83d\udca5\u043a\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0432 JS \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0438 \u043a\u0430\u043a \u043e\u043d\u0438 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442\u0441\u044f \u0432 \u043f\u0430\u043c\u044f\u0442\u0438\n\ud83d\udca5\u0440\u0430\u0437\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2019-0567 \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u043d\u0430 \u0435\u0451 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u043f\u043b\u043e\u0438\u0442\u0430\n\ud83d\udca5\u043a\u0430\u043a \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 ASLR, DEP \u0438 CFG.\n\ud83d\udca5\u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430(code execution)\n\ud83d\udca5\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u043d\u0430 ME \n\ud83d\udca5\u0431\u0430\u0439\u043f\u0430\u0441\u0441 ACG, \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u043d\u0435 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\ud83d\udca5\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 Edge\n\u0412\u0430\u0436\u043d\u043e: Edge \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Chakra(\u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430 \u0434\u0432\u0438\u0436\u043a\u0435 V8 JS, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0431\u044b\u043b\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439). \u041a\u0441\u0442\u0430\u0442\u0438 \u0443\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0432\u044f\u0437\u0430\u043d\u0430 \u043d\u0430 Type Confusion(\u043f\u0440\u0438\u043c\u0435\u04401, \u043f\u0440\u0438\u043c\u0435\u04402).\n>\u0447\u0430\u0441\u0442\u044c1\n>\u0447\u0430\u0441\u0442\u044c2\n>\u0447\u0430\u0441\u0442\u044c3\n\n\ud83d\udee1For educational purposes only!\nA series of articles about the development of exploits, which examines in detail:\n\ud83d\udca5the process of configuring and creating an environment that allows us to check the operability of the exploit for the browser\n\ud83d\udca5how objects work in JS and how they are located in memory\n\ud83d\udca5analysis of the vulnerability CVE-2019-0567 and development based on it\n\ud83d\udca5how ASLR, DEP and CFG work\n\ud83d\udca5code execution\n\ud83d\udca5porting the composite to the ME\n\ud83d\udca5bypass ACG, through an unpatched vulnerability\n\ud83d\udca5code execution in Edge\nImportant: Edge is considered based on Chakra (it runs on the V8 JS engine, in which several vulnerabilities have recently been found). By the way, the vulnerability is tied to Type Confusion (example1, example 2).\n>part1\n>part2\n>part3\n\n#exploitDev #cve #Edge", "creation_timestamp": "2022-04-19T18:15:38.000000Z"}, {"uuid": "c4c32025-05ce-4f51-a256-4ff4d4b468c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "Telegram/jlozJxBZ6c2zPMb8t9ZTUmCjCeY81oRo5qY8Duk3lR3oDeM", "content": "", "creation_timestamp": "2025-02-16T04:00:07.000000Z"}, {"uuid": "8c1b8407-8a51-4df6-8de0-8bfe052c87ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/20637", "content": "Series on browser exploitation : \n\nBrowser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 3) : https://connormcgarr.github.io/type-confusion-part-3/\n\nCVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2) : https://connormcgarr.github.io/type-confusion-part-2/\n\nCVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1) : https://connormcgarr.github.io/type-confusion-part-1/", "creation_timestamp": "2024-03-23T16:17:35.000000Z"}, {"uuid": "2790f7d3-e27e-41d7-a7bd-7b6c02996a59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6514", "content": "Series on browser exploitation : \n\nBrowser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 3) : https://connormcgarr.github.io/type-confusion-part-3/\n\nCVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2) : https://connormcgarr.github.io/type-confusion-part-2/\n\nCVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1) : https://connormcgarr.github.io/type-confusion-part-1/", "creation_timestamp": "2024-03-23T16:17:18.000000Z"}, {"uuid": "17cbdcb3-dad3-424e-9072-d7fecb893f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0567", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5623", "content": "#Offensive_security\nExploit Development:\nBrowser Exploitation on Windows - CVE-2019-0567, A MS Edge Type Confusion Vulnerability\nPart 1: https://connormcgarr.github.io/type-confusion-part-1\nPart 2: https://connormcgarr.github.io/type-confusion-part-2", "creation_timestamp": "2023-09-24T15:02:58.000000Z"}]}