[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Microsoft Edge Information Disclosure Vulnerability - CVE-2019-0643

ID: oval:org.secpod.oval:def:50679Date: (C)2019-02-13   (M)2024-03-06
Class: VULNERABILITYFamily: windows




An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all webpages in the affected browser. In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability. Additionally, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could be used to exploit the vulnerability. However, in all cases an attacker would have no way to force users to view attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes them to the attacker's site. The security update addresses the vulnerability by correcting how Microsoft Edge handles cross-origin requests.

Platform:
Microsoft Windows 10
Microsoft Windows Server 2019
Product:
Microsoft Edge
Reference:
CVE-2019-0643
CVE    1
CVE-2019-0643
CPE    5
cpe:/o:microsoft:windows_10:1809
cpe:/o:microsoft:windows_server_2019:::x64
cpe:/o:microsoft:windows_10:1809:::x64
cpe:/o:microsoft:windows_10:1809:::x86
...

© SecPod Technologies