CVE-2019-0641

Name of the Vulnerable Software and Affected Versions Microsoft Edge (affected versions not specified)

Description A security feature bypass issue exists in how Microsoft Edge handles whitelisting. This could allow a remote attacker to impact the integrity of protected information. The vulnerability is related to Microsoft Edge's default whitelist of sites where Adobe Flash loads without user interaction. Because the whitelist is not scheme-aware, an attacker could use a man-in-the-middle attack to bypass Flash policies and load arbitrary Flash content without user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.