Chrome Dangling FixedArray Pointers / Memory Corruption

Chrome suffers from an issue with dangling FixedArray pointers in Torque that can lead to memory corruption.   Exploit Files ≈ Packet Storm 

 

More To Explore