JoeUX (0)

Last Login: May 16, 2021
Assessments
0
Score
0

JoeUX's Latest (1) Contributions

Sort by:
Filter by:
3

I’m puzzled by this vuln. What is the nature of the bug? I mean is it a memory bug like a buffer overflow or use after free that happens during deserialization? I don’t understand why parsing an XML header would result in an RCE without some sort of memory bug.

And the code you pasted looks like C#, so that’s even more puzzling. The usual memory bugs normally depend on manual memory managed C/C++ code. How is this happening in C#, unless we’re talking about the .NET JIT written in C++ or something? And is this code open source? Is it trivial to decompile and unobfuscate Microsoft’s closed source C# applications?