6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)False Positive:
This strike exploits a use after free vulnerability in Microsoft Internet Explorer and Edge Browsers. Specifically, if a font element's lang attribute is set to a string, and then its node value is set to null, the string is freed. Later a call to reference this lang attribute will result in a user after free condition. An attacker can use this attack to disclose memory information that can potentially lead to an ASLR bypass.