Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11462
HistoryApr 09, 2019 - 12:00 a.m.

KLA11462 Multiple vulnerabilities in Microsoft Browsers

2019-04-0900:00:00
Kaspersky Lab
threats.kaspersky.com
174

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.955 High

EPSS

Percentile

99.4%

JSON

Microsoft official advisories:

KB list:

4493441
4493474
4493464
4493509
4493470
4493475
4493472
4493451
4493446
4493435
4530684

Detect date:

04/09/2019

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information.

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Affected products:

Internet Explorer 10
Internet Explorer 11
Internet Explorer 9
Microsoft Edge

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2019-0860
CVE-2019-0829
CVE-2019-0764
CVE-2019-0752
CVE-2019-0739
CVE-2019-0862
CVE-2019-0833
CVE-2019-0806
CVE-2019-0835
CVE-2019-0861
CVE-2019-0810
CVE-2019-0812
CVE-2019-0753

Impacts:

ACE

Related products:

Microsoft Internet Explorer

CVE-IDS:

CVE-2019-08297.6Critical
CVE-2019-08067.6Critical
CVE-2019-08107.6Critical
CVE-2019-08127.6Critical
CVE-2019-08607.6Critical
CVE-2019-07397.6Critical
CVE-2019-08617.6Critical
CVE-2019-07644.3Warning
CVE-2019-07527.6Critical
CVE-2019-08627.6Critical
CVE-2019-08334.3Warning
CVE-2019-08354.3Warning
CVE-2019-07537.6Critical

References

Related

prion 13
cve 13
github 6
osv 13
nessus 9
mskb 12
attackerkb 3
symantec 13
veracode 7
checkpoint_advisories 9
mscve 13
zdi 2
openvas 10
cisa_kev 1
githubexploit 1
malwarebytes 1
zdt 1
exploitpack 1
packetstorm 1
talosblog 1
exploitdb 1
thn 2
cisa 1
kaspersky 1
qualysblog 1
prion
prion
Remote code execution
2019-04-09 21:29:00
Remote code execution
2019-04-09 21:29:00
Remote code execution
2019-04-09 21:29:00
cve
cve
CVE-2019-0860
2019-04-09 21:29:00
CVE-2019-0861
2019-04-09 21:29:00
CVE-2019-0829
2019-04-09 21:29:00
github
github
ChakraCore Memory Corruption Vulnerability
2022-05-13 01:21:37
ChakraCore Memory Corruption Vulnerability
2022-05-13 01:21:41
ChakraCore RCE Vulnerability
2022-05-13 01:21:36
osv
osv
CVE-2019-0861
2019-04-09 21:29:02
CVE-2019-0806
2019-04-09 21:29:01
CVE-2019-0810
2019-04-09 21:29:01
nessus
nessus
Security Updates for Internet Explorer (April 2019)
2019-04-09 00:00:00
KB4493475: Windows 10 April 2019 Security Update
2019-04-09 00:00:00
KB4493470: Windows 10 Version 1607 and Windows Server 2016 April 2019 Security Update
2019-04-09 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: April 9, 2019
2019-04-09 07:00:00
April 9, 2019—KB4493509 (OS Build 17763.437)
2019-04-09 07:00:00
April 9, 2019—KB4493470 (OS Build 14393.2906)
2019-04-09 07:00:00
attackerkb
attackerkb
CVE-2019-0752
2019-04-09 00:00:00
CVE-2019-0862
2019-04-09 00:00:00
CVE-2019-0753
2019-04-09 00:00:00
symantec
symantec
Microsoft Edge Chakra Scripting Engine CVE-2019-0810 Remote Memory Corruption Vulnerability
2019-04-09 00:00:00
Microsoft Internet Explorer Scripting Engine CVE-2019-0835 Information Disclosure Vulnerability
2019-04-09 00:00:00
Microsoft Edge Chakra Scripting Engine CVE-2019-0860 Remote Memory Corruption Vulnerability
2019-04-09 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-04-11 01:54:09
Remote Code Execution (RCE)
2019-04-10 00:54:37
Remote Code Execution (RCE)
2019-04-10 00:42:14
checkpoint_advisories
checkpoint_advisories
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0810)
2019-04-09 00:00:00
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0860)
2019-04-09 00:00:00
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0806)
2019-04-09 00:00:00
mscve
mscve
Chakra Scripting Engine Memory Corruption Vulnerability
2019-04-09 07:00:00
Chakra Scripting Engine Memory Corruption Vulnerability
2019-04-09 07:00:00
Chakra Scripting Engine Memory Corruption Vulnerability
2019-04-09 07:00:00
zdi
zdi
Microsoft Chakra Object Reoptimization Type Confusion Remote Code Execution Vulnerability
2019-04-15 00:00:00
Microsoft Internet Explorer Property Put Type Confusion Remote Code Execution Vulnerability
2019-04-15 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4493509)
2019-04-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4493475)
2019-04-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4493474)
2019-04-10 00:00:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Type Confusion Vulnerability
2022-02-15 00:00:00
githubexploit
githubexploit
Exploit for Type Confusion in Microsoft
2020-12-18 22:53:16
malwarebytes
malwarebytes
Malvertising campaigns come back in full swing
2020-09-09 17:07:14
zdt
zdt
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Exploit
2019-05-24 00:00:00
exploitpack
exploitpack
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
2019-05-24 00:00:00
packetstorm
packetstorm
Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption
2019-05-24 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage
2019-04-09 11:10:02
exploitdb
exploitdb
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
2019-05-24 00:00:00
thn
thn
RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer
2022-06-22 05:41:00
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
2023-02-27 15:33:00
cisa
cisa
CISA Adds Nine Known Exploited Vulnerabilities to Catalog
2022-02-15 00:00:00
kaspersky
kaspersky
KLA11875 Multiple vulnerabilities in Microsoft Products (ESU)
2019-04-09 00:00:00
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.955 High

EPSS

Percentile

99.4%

JSON
Related for KLA11462
prion13cve13github6osv13nessus9mskb12attackerkb3symantec13veracode7checkpoint_advisories9mscve13zdi2openvas10cisa_kev1githubexploit1malwarebytes1zdt1exploitpack1packetstorm1talosblog1exploitdb1thn2cisa1kaspersky1qualysblog1