Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2017-02-25 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Unpatched Microsoft Edge and IE Bug

Published: 2017-02-25
Last Updated: 2017-02-25 03:38:32 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Microsoft Edge and Internet Explorer can be exploited by a type confusion in HandleColumnBreakOnColumnSpanningElement. A POC was released here.

[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1011#c2

-----------
Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu

Keywords: Bug Exploit
0 comment(s)
Diary Archives