7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)False Positive:
This strike exploits a vulnerability in the Microsoft Edge Browser. Specifically, the vulnerability exists when the BoundFunction::NewInstance function is used to handle calls to a bound function. This method allocates a new argument array and copies the arguments into the new argument array. It will call the function without respecting the CallFlags ExtraArg flag that indicates that theres an extra argument at the end of the array. This then results in the new array size being one less than what is required, leading to an Out of Bounds memory read. This can cause a denial of service condition in the browser or potentially lead to remote code execution.