Microsoft Edge Scripting Engine Memory Corruption Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Published on December 1st, 2019
Summary

Microsoft Edge Scripting Engine Memory Corruption suffers from improper restriction of operations within the bounds of a memory buffer vulnerability

Credit:

The information has been provided by Qixun Zhao

The original article can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307


Details

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

Vulnerable Systems:

Microsoft Edge Scripting Engine Memory Corruption 

CVE Information:

CVE-2019-1307

Disclosure Timeline:
Published Date:10/10/2019

Categories: FeaturedNews
Tags:

Related Posts

Featured News

HUAWEI P30 with versions earlier than 10.1.0.160 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Featured News

HUAWEI P30 with versions earlier than 10.1.0.135 Improper Verification of Cryptographic Signature Vulnerability

Featured News

HUAWEI P30 smartphone versions 10.1.0.135 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability