Microsoft Edge 'Tree::ANode::DocumentLayout()' Function Denial of Service Vulnerability
BID:106288
Info
Microsoft Edge 'Tree::ANode::DocumentLayout()' Function Denial of Service Vulnerability
| Bugtraq ID: | 106288 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 11 2018 12:00AM |
| Updated: | Nov 11 2018 12:00AM |
| Credit: | Bogdan Kurinnoy |
| Vulnerable: |
Microsoft Edge 42.17134.1.0 |
| Not Vulnerable: | |
Discussion
Microsoft Edge 'Tree::ANode::DocumentLayout()' Function Denial of Service Vulnerability
Microsoft Edge is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
Edge 42.17134.1.0 is vulnerable; other versions may also be affected.
Microsoft Edge is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
Edge 42.17134.1.0 is vulnerable; other versions may also be affected.
Exploit / POC
Microsoft Edge 'Tree::ANode::DocumentLayout()' Function Denial of Service Vulnerability
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Solution / Fix
Microsoft Edge 'Tree::ANode::DocumentLayout()' Function Denial of Service Vulnerability
Solution:
Reportedly, the issue is fixed; however, Symantec has not confirmed this. Please contact the vendor for more information.
Solution:
Reportedly, the issue is fixed; however, Symantec has not confirmed this. Please contact the vendor for more information.
References
Microsoft Edge 'Tree::ANode::DocumentLayout()' Function Denial of Service Vulnerability
References:
References:
- Microsoft Homepage (Microsoft)
- Access violation while reading memory at 0x5C using a NULL pointer (Microsoft)