Lucene search
Arthur Gerkis of Exodus Intelligence (@ax330d)ZDI-19-470HistoryMay 15, 2019 - 12:00 a.m.
Microsoft Edge CDXImageRenderTarget Double Free Remote Code Execution Vulnerability
2019-05-1500:00:00
Arthur Gerkis of Exodus Intelligence (@ax330d)
www.zerodayinitiative.com
17
EPSS
0.185
Percentile
96.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rendering of pattern images within HTML canvas elements. By manipulating a documentâs elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
nvd
nvd
CVE-2019-0940
2019-05-16 19:29:03
mscve
mscve
Microsoft Browser Memory Corruption Vulnerability
2019-05-14 07:00:00
cve
cve
CVE-2019-0940
2019-05-16 19:29:03
symantec
symantec
prion
prion
Remote code execution
2019-05-16 19:29:00
cvelist
cvelist
CVE-2019-0940
2019-05-16 18:17:03
checkpoint_advisories
checkpoint_advisories
Microsoft Browser Memory Corruption (CVE-2019-0940)
2019-05-14 00:00:00
nessus
nessus
mskb
mskb
Cumulative security update for Internet Explorer: May 14, 2019
2019-05-14 07:00:00
May 14, 2019âKB4499171 (Monthly Rollup)
2019-05-14 07:00:00
May 14, 2019âKB4499164 (Monthly Rollup)
2019-05-14 07:00:00
kaspersky
kaspersky
KLA11478 Multiple vulnerabilities in Microsoft Browsers
2019-05-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4499164)
2019-05-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4499151)
2019-05-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4499154)
2019-05-15 00:00:00
talosblog
talosblog