CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS16-038 | Cumulative Security Update for Microsoft Edge (3148532) | Microsoft Edge | Critical | 13-04-2016 |
Technical Information
Brief overview of the risk:
Multiple remote code execution vulnerabilities exist when improperly accesses objects in memory. The vulnerabilities could corrupt memory that enables an attacker to execute arbitrary code in the context of the current user.
Detailed Information on the risk:
An elevation of privilege vulnerability exists when does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability.Further information on this exploit is available at : MS16-038