E19-0p9n1
CVSS:
7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2018
Description
This strike exploits a vulnerability in the Microsoft Edge Browser. Specifically, the vulnerability exists when the BoundFunction::NewInstance function is used to handle calls to a bound function. This method allocates a new argument array and copies the arguments into the new argument array. It will call the function without respecting the CallFlags_ExtraArg flag that indicates that there's an extra argument at the end of the array. This then results in the new array size being one less than what is required, leading to an Out of Bounds memory read. This can cause a denial of service condition in the browser or potentially lead to remote code execution.
CVE
https://code.google.com/p/google-security-research/issues/detail?id=1569