Id:
CVE-2019-0612
Comment
:
A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.
CVSSv2 Score:
2.6
Access vector:
|
NETWORK
|
Access complexity:
|
HIGH
|
Authentication:
|
NONE
|
Confidentiality impact:
|
NONE
|
Integrity impact:
|
PARTIAL
|
Availability impact:
|
NONE
|
CVSSv2 Vector:
AV:N/AC:H/Au:N/C:N/I:P/A:N
CVSSv3 Score:
5.3
Attack vector:
|
NETWORK
|
Attack complexity:
|
HIGH
|
Privileges required:
|
NONE
|
User interaction:
|
REQUIRED
|
Scope:
|
UNCHANGED
|
Confidentiality impact:
|
NONE
|
Integrity impact:
|
HIGH
|
Availability impact:
|
NONE
|
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
References: