Lucene search

[email protected]CVE-2019-0940

HistoryMay 16, 2019 - 7:29 p.m.

CVE-2019-0940

2019-05-1619:29:00

CWE-787

[email protected]

web.nvd.nist.gov

microsoft

browsers

remote code execution

memory corruption

vulnerability

cve-2019-0940

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.14 Low

EPSS

Percentile

95.6%

JSON

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka ‘Microsoft Browser Memory Corruption Vulnerability’.

VendorProductVersionCPE
microsoftinternet_explorer_11Windows 7 for 32-bit Systems Service Pack 1cpe:2.3:a:microsoft:internet_explorer_11:Windows 7 for 32-bit Systems Service Pack 1:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows 7 for x64-based Systems Service Pack 1cpe:2.3:a:microsoft:internet_explorer_11:Windows 7 for x64-based Systems Service Pack 1:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows Server 2008 R2 for x64-based Systems Service Pack 1cpe:2.3:a:microsoft:internet_explorer_11:Windows Server 2008 R2 for x64-based Systems Service Pack 1:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows 8.1 for 32-bit systemscpe:2.3:a:microsoft:internet_explorer_11:Windows 8.1 for 32-bit systems:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows 8.1 for x64-based systemscpe:2.3:a:microsoft:internet_explorer_11:Windows 8.1 for x64-based systems:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows Server 2012 R2cpe:2.3:a:microsoft:internet_explorer_11:Windows Server 2012 R2:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows RT 8.1cpe:2.3:a:microsoft:internet_explorer_11:Windows RT 8.1:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows 10 for 32-bit Systemscpe:2.3:a:microsoft:internet_explorer_11:Windows 10 for 32-bit Systems:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows 10 for x64-based Systemscpe:2.3:a:microsoft:internet_explorer_11:Windows 10 for x64-based Systems:*:*:*:*:*:*:*
microsoftinternet_explorer_11Windows Server 2016cpe:2.3:a:microsoft:internet_explorer_11:Windows Server 2016:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	internet_explorer_11	Windows 7 for 32-bit Systems Service Pack 1	cpe:2.3:a:microsoft:internet_explorer_11:Windows 7 for 32-bit Systems Service Pack 1:::::::*
microsoft	internet_explorer_11	Windows 7 for x64-based Systems Service Pack 1	cpe:2.3:a:microsoft:internet_explorer_11:Windows 7 for x64-based Systems Service Pack 1:::::::*
microsoft	internet_explorer_11	Windows Server 2008 R2 for x64-based Systems Service Pack 1	cpe:2.3:a:microsoft:internet_explorer_11:Windows Server 2008 R2 for x64-based Systems Service Pack 1:::::::*
microsoft	internet_explorer_11	Windows 8.1 for 32-bit systems	cpe:2.3:a:microsoft:internet_explorer_11:Windows 8.1 for 32-bit systems:::::::*
microsoft	internet_explorer_11	Windows 8.1 for x64-based systems	cpe:2.3:a:microsoft:internet_explorer_11:Windows 8.1 for x64-based systems:::::::*
microsoft	internet_explorer_11	Windows Server 2012 R2	cpe:2.3:a:microsoft:internet_explorer_11:Windows Server 2012 R2:::::::*
microsoft	internet_explorer_11	Windows RT 8.1	cpe:2.3:a:microsoft:internet_explorer_11:Windows RT 8.1:::::::*
microsoft	internet_explorer_11	Windows 10 for 32-bit Systems	cpe:2.3:a:microsoft:internet_explorer_11:Windows 10 for 32-bit Systems:::::::*
microsoft	internet_explorer_11	Windows 10 for x64-based Systems	cpe:2.3:a:microsoft:internet_explorer_11:Windows 10 for x64-based Systems:::::::*
microsoft	internet_explorer_11	Windows Server 2016	cpe:2.3:a:microsoft:internet_explorer_11:Windows Server 2016:::::::*