Strike ID:
E19-l1nd1
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2019

Description

This strike exploits a vulnerability in Google Chrome. Specifically the vulnerability lies with how the v8 Javascript engine handles Object.seal/freeze on maps and element storage of objects, and how incorrect map transitions are followed by v8 without properly updating the element backing store. This can cause a denial of service condition in the browser but also leads to remote code execution.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}