Strike ID:
E19-xwei1
CVSS:
9.0 (AV:N/AC:L/Au:N/C:C/I:P/A:P)
False Positive:
t
Variants:
4
Year:
2019

Description

This strike replicates an integer overflow exploit for Chrome browser engine. The vulnerability can be triggered via the Array JS API by using the ArrayConcat or ArrayPrototypeFill as entry points. By successfully exploiting this flaw, an attacker can execute arbitrary code in the context of the Chromes renderer process.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}