Published: 08/04/2019 Updated: 24/08/2020

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft edge -

Attached is a PoC file that bypasses Flash click2play in Microsoft Edge This was tested on Windows 10 64bit v 1809 with the latest patches applied The PoC currently loads a swf from wwwimagesadobecom (screenshot attached), but can load a swf from any domain and also the PoC itself can be hosted on any domain Note that there is a race condition ...

Microsoft Patch Tuesday – March 2019

Symantec Threat Intelligence Blog • Ratheesh PM • 13 Mar 2024

This month the vendor has patched 64 vulnerabilities, 17 of which are rated Critical.

Posted: 13 Mar, 201920 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – March 2019This month the vendor has patched 64 vulnerabilities, 17 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid handlin...

CVE-2019-0612

Vulnerability Summary

Vulnerability Trend

Exploits

Recent Articles

References

Vulmon Search

About

Products

Connect