7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.186 Low
EPSS
Percentile
96.3%
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2019-0940 critical
CVE-2019-0937 critical
CVE-2019-0924 critical
CVE-2019-0913 critical
CVE-2019-0921 warning
CVE-2019-0995 high
CVE-2019-0918 critical
CVE-2019-0923 critical
CVE-2019-0912 critical
CVE-2019-0929 critical
CVE-2019-0925 critical
CVE-2019-0915 critical
CVE-2019-0927 critical
CVE-2019-0933 critical
CVE-2019-0916 critical
CVE-2019-0938 high
CVE-2019-0926 critical
CVE-2019-0914 critical
CVE-2019-0911 critical
CVE-2019-0884 critical
CVE-2019-0930 warning
CVE-2019-0917 critical
CVE-2019-0922 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4494440
support.microsoft.com/kb/4494441
support.microsoft.com/kb/4497936
support.microsoft.com/kb/4498206
support.microsoft.com/kb/4499151
support.microsoft.com/kb/4499154
support.microsoft.com/kb/4499164
support.microsoft.com/kb/4499167
support.microsoft.com/kb/4499171
support.microsoft.com/kb/4499179
support.microsoft.com/kb/4499181
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0918
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0921
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0923
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0926
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0929
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0930
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0995
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.186 Low
EPSS
Percentile
96.3%