Microsoft Edge Scripting Engine Memory Corruption Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Summary

Microsoft Edge Scripting Engine Memory Corruption suffers from improper restriction of operations within the bounds of a memory buffer vulnerability

Credit:

The information has been provided by Qixun Zhao

The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307


Details

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

Vulnerable Systems:

Microsoft Edge Scripting Engine Memory Corruption 

CVE Information:

CVE-2019-1307

Disclosure Timeline:
Published Date:10/10/2019