E19-0pdj1
CVSS:
7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2018
Description
This strike exploits a vulnerability in the Microsoft Edge Browser. Specifically the vulnerability exists inside the Microsoft Chakra Javascript engine. It is possible to craft invalid Javascript that still gets parsed by the Chakra engine, which can result in type confusion in the InterpreterStackFrame::OP_ResumeYield method. This can cause a denial of service in the browser or potentially lead to remote code execution.
CVE
https://code.google.com/p/google-security-research/issues/detail?id=1570