Microsoft Edge Chakra - Cross Context Use-After-Free

Strike ID:

E19-0jpu2

CVSS:

7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

False Positive:

Variants:

Year:

2018

Description

This strike exploits a vulnerability in the Microsoft Edge Chakra engine. Specifically the vulnerability is under the CrossSite class, which passes Javascript variables across different contexts. An attacker who successfully exploits the vulnerability could trigger a Use-After-Free condition.

OSVDB

{}

Support & Services

Resources

Microsoft Edge Chakra - Cross Context Use-After-Free

Description

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

Footer Menu: 2