Microsoft Edge Scripting Engine Memory Corruption Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Summary
Microsoft Edge Scripting Engine Memory Corruption suffers from improper restriction of operations within the bounds of a memory buffer vulnerability
Credit:
The information has been provided by Qixun Zhao
The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307
Details
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
Vulnerable Systems:
Microsoft Edge Scripting Engine Memory Corruption
CVE Information:
Disclosure Timeline:
Published Date:10/10/2019