A Turkish version of this post was originally published on blog.arasmehmet.com. Disclaimer: This is a retrospective analysis of a publicly disclosed CVE that has been patched since disclosure. All exploit mechanics discussed are conceptual; nothing here is a working exploit.