Simple TCP echo server with buffer overflow vulnerability (original source here)
Involves defeating stack canaries by leaking stack values, and bypassing the non-executable stack (-z noexecstack) via a ROP (Return-Oriented Programming) gadget to prepare and invoke a system() call.
Chrome V8 type confusion bug, assigned CVE-2019-5825
The context for this exploit is a non-sandboxed renderer (otherwise a sandbox escape is also required) that executes user-specified JavaScript. The approach taken involves custom shellcode that supports exfiltration using only syscalls and writes its output to a user-visible buffer that is later rendered.