#RCE

2 posts tagged with RCE.

Pwning Minecraft: 4-byte heap overflow to RCE

We achieved RCE in Minecraft Bedrock, turning a 4-byte heap overflow into complete client compromise. Learn how a universal, Bedrock-specific technique is used to bypass ASLR and achieve arbitrary read/write primitives.
Hrvoje Mišetić

Patch gap to mobile renderer RCE: pwning Samsung Internet's V8 on the Galaxy S25

Samsung Internet on the Galaxy S25 shipped a six-month-old version of V8, exposing it to publicly known bugs. Learn how we exploited a bytecode interpreter vulnerability to achieve renderer RCE and universal XSS in the browser.
Hrvoje Mišetić, Jamie Hill-Daniel, William Liu