{"vulnerability": "CVE-2020-9910", "sightings": [{"uuid": "d5da7ad2-5350-4c25-ad59-ce6183371902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9910", "type": "published-proof-of-concept", "source": "https://t.me/R0_Crew/1782", "content": "This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed in iOS 13.5, while two of the mitigation bypasses, CVE-2020-9870 and CVE-2020-9910, were fixed in iOS 13.6.\n\nJITSploitation I: A JIT Bug\nhttps://googleprojectzero.blogspot.com/2020/09/jitsploitation-one.html\n\nJITSploitation II: Getting Read/Write\nhttps://googleprojectzero.blogspot.com/2020/09/jitsploitation-two.html\n\nJITSploitation III: Subverting Control Flow\nhttps://googleprojectzero.blogspot.com/2020/09/jitsploitation-three.html\n\n#mobile #ios #javascript #browser #jit #webkit #expdev #cve #reverse #darw1n", "creation_timestamp": "2020-09-04T14:07:52.000000Z"}]}