CVE-2020-1341Multiple Releases of Same Resource or Handle in Microsoft Edge

CWE-1341Multiple Releases of Same Resource or Handle4 documents3 sources
Severity
3.1LOW
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Msrc Microsoft Edge
Timeline
PublishedJul 14
Latest updateJan 18

Description

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when DLL files are allowed to download without prompting additional warning to the user. An attacker who successfully exploited this vulnerability could drop the DLL files on the users Download folder (or equivalent) and gain elevated privileges. To exploit the vulnerability, the user must browse to a malicious website that is design

Affected Packages1 packages

📋Vendor Advisories

3
Red Hat
kernel: bad kfree in auditfilter.c may lead to escalation of privilege2021-01-18
Microsoft
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability2020-07-14
Red Hat
freerdp: Double free in cliprdr_server_receive_capabilities could result in data corruption2020-04-09

💬Community

1
Bugzilla
CVE-2020-6820 Mozilla: Use-after-free when handling a ReadableStream2020-04-04