As per the blog post detailing the vuln, Google reported two zero-day vulns that were not disclosed publicly.
It did not detail the vulnerability (vuln) at the time, but did say that it's aware of the exploit for the flaw, called CVE-2019-5786, which exists in the wild.
Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights." The new vuln involves a memory mismanagement bug that is present in the FileReader web API.
THE RESULTS OF RUNNING THE SCANNERS AGAINST THREE VULNERABLE APPLICATIONS tool\ FO SO BL FO SO BOF vuln
. XSS XSS SQLI SQLI SQLI w3af 0/1/0 0/0/0 0/0/0 2/1/1 0/0/0 0/0/0 Nikto 0/0/0 0/0/0 0/0/0 0/0/0 0/0/0 0/0/0 wapiti 0/1/1 1/0/0 0/2/1 0/0/0 0/0/0 0/0/0 vega 0/0/0 0/0/0 0/0/0 0/1/0 0/0/0 0/0/0 ZAP 0/0/0 0/0/0 0/0/0 0/0/0 0/0/0 0/0/0 Acunetix 0/1/1 0/0/0 0/1/1 2/1/1 0/0/0 0/0/0 WAPTT 0/1/1 1/0/0 0/2/1 2/1/1 1/0/0 1/0/0 VULNS
0/1/1 1/1/0 0/2/1 3/1/1 1/1/1 1/0/0
This is not because of difficulties, it is actually because it turns out a few of the vulns we were planning on using still work on iOS 7 (kind of exciting [yes and no]).
"We do not want to publish these vulns as they have the potential of being used in a future iOS 7.x A5+ jailbreak.
If worse comes to worse, we'll release it alongside evad3r's iOS 7 jb to prevent disclosing any more vulns."
There seemed no way back for England during Andre Russell and Ramnaresh Sarwan's seventh-wicket stand of 72 as theWest Indies closed on a vulnS
erable 243 all out under lights at the MA Chidambaram Stadium.