Lucene search
Arthur Gerkis of Exodus Intelligence (@ax330d)ZDI-19-471HistoryMay 15, 2019 - 12:00 a.m.
Microsoft Edge DownloadOperation Sandbox Escape Vulnerability
2019-05-1500:00:00
Arthur Gerkis of Exodus Intelligence (@ax330d)
www.zerodayinitiative.com
15
EPSS
0.007
Percentile
80.5%
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of messages passed from the renderer process to the broker process of Microsoft Edge. A crafted message can trigger execution of a privileged operation. An attacker can leverage this vulnerability to escalate privileges and escape the Microsoft Edge sandbox.
Related
mscve
mscve
Microsoft Edge Elevation of Privilege Vulnerability
2019-05-14 07:00:00
prion
prion
Privilege escalation
2019-05-16 19:29:00
cvelist
cvelist
CVE-2019-0938
2019-05-16 18:17:03
nvd
nvd
CVE-2019-0938
2019-05-16 19:29:03
cve
cve
CVE-2019-0938
2019-05-16 19:29:03
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Elevation of Privilege (CVE-2019-0938)
2019-05-14 00:00:00
symantec
symantec
Microsoft Edge CVE-2019-0938 Remote Privilege Escalation Vulnerability
2019-05-14 00:00:00
kaspersky
kaspersky
KLA11478 Multiple vulnerabilities in Microsoft Browsers
2019-05-14 00:00:00
mskb
mskb
May 14, 2019âKB4499154 (OS Build 10240.18215)
2019-05-14 07:00:00
May 14, 2019âKB4494440 (OS Build 14393.2969)
2019-05-14 07:00:00
May 14, 2019âKB4499167 (OS Build 17134.765)
2019-05-14 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4499154)
2019-05-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4499179)
2019-05-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4494440)
2019-05-15 00:00:00
nessus
nessus
talosblog
talosblog