Kaspersky LabKLA11500KLA11500 Multiple vulnerabilities in Microsoft Browsers
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.043 Low
EPSS
Percentile
92.2%
Detect date:
06/11/2019
Severity:
Critical
Description:
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions.
Exploitation:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Affected products:
Internet Explorer 11
Microsoft Edge
Internet Explorer 10
Internet Explorer 9
ChakraCore
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2019-1081
CVE-2019-1051
CVE-2019-1054
CVE-2019-0993
CVE-2019-1024
CVE-2019-0989
CVE-2019-0990
CVE-2019-1038
CVE-2019-1002
CVE-2019-1005
CVE-2019-1055
CVE-2019-0991
CVE-2019-1023
CVE-2019-1080
CVE-2019-0992
CVE-2019-1003
CVE-2019-0988
CVE-2019-1052
CVE-2019-0920
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2019-10814.3Warning
CVE-2019-10517.6Critical
CVE-2019-10545.1High
CVE-2019-09937.6Critical
CVE-2019-10247.6Critical
CVE-2019-09897.6Critical
CVE-2019-09904.3Warning
CVE-2019-10387.6Critical
CVE-2019-10027.6Critical
CVE-2019-10057.6Critical
CVE-2019-10557.6Critical
CVE-2019-09917.6Critical
CVE-2019-10234.3Warning
CVE-2019-10807.6Critical
CVE-2019-09927.6Critical
CVE-2019-10037.6Critical
CVE-2019-09887.6Critical
CVE-2019-10527.6Critical
CVE-2019-09207.6Critical
KB list:
4503293
4503327
4503286
4503284
4503285
4503276
4503292
4503267
4503291
4503279
4503259
4512497
Microsoft official advisories:
References
support.microsoft.com/kb/4503259
support.microsoft.com/kb/4503267
support.microsoft.com/kb/4503276
support.microsoft.com/kb/4503279
support.microsoft.com/kb/4503284
support.microsoft.com/kb/4503285
support.microsoft.com/kb/4503286
support.microsoft.com/kb/4503291
support.microsoft.com/kb/4503292
support.microsoft.com/kb/4503293
support.microsoft.com/kb/4503327
support.microsoft.com/kb/4512497
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0920
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0988
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0990
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0991
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0992
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1003
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1005
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1023
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1024
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1038
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1051
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1052
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1080
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1081
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0920
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0988
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1002
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1005
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1055
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1080
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1081
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.043 Low
EPSS
Percentile
92.2%