A memory corruption vulnerability exists in the Javascript implementation of the Acrobat-based PDF engine in Microsoft Edge 112.0.1722.58 and 114.0.1776.0 Canary. A specially crafted PDF document can trigger type confusion vulnerability when manipulating icons, which could lead to writes to arbitrary memory and possibly code execution or other side effects. Victim would need to open a malicious file in the browser to trigger this vulnerability.
Read more:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1747
We learn Security! 