E19-l1nd1
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
f
Variants:
1
Year:
2019
Description
This strike exploits a vulnerability in Google Chrome. Specifically the vulnerability lies with how the v8 Javascript engine handles Object.seal/freeze on maps and element storage of objects, and how incorrect map transitions are followed by v8 without properly updating the element backing store. This can cause a denial of service condition in the browser but also leads to remote code execution.
References
https://code.google.com/p/google-security-research/issues/detail?id=1923