D18-majo1
CVSS:
7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2018
Description
This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in Javascript Chakra engine. Because there is not an Integer Overflow check in place, it is possible to craft Javascript in such a way that causes a bug to occur when LowerSetConcatStrMuliItem is called to concatenate strings. This may lead to a denial of service condition in the browser, or potentially remote code execution.
CVE
https://code.google.com/p/google-security-research/issues/detail?id=1380