EDB-ID: 40948 CVE: 2016-7287 Author: GOOGLE SECURITY RESEARCH Type: DOS Platform: WINDOWS Date: 2016-12-21 Vulnerable App: Microsoft Edge Vulnerability Type: Internationalization Initialization Type Confusion (MS16-144) Description: - The vulnerability is related to the Chakra JavaScript engine in Microsoft Edge. - During the initialization of the object, there are stray calls to which can be exploited. - If is redefined before is initialized, a user-defined method can be called during initialization. - This can cause type confusion in , leading to a denial of service (DoS). PoC Code: A minimal PoC is provided in the screenshot, demonstrating how the vulnerability can be triggered. Tags: Denial of Service (DoS)