2814 matches found
Microsoft Patch Tuesday — March 2019: Vulnerability disclosures and Snort coverage
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 64 vulnerabilities, 17 of which are rated “critical,” 45 that are considered “important” and one “moderate” and “low” vulnerability each. This...
Chakra Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Scripting Engine Information Disclosure Vulnerability
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...
Chakra Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Microsoft Browser Scripting Engine Memory Corruption (CVE-2019-0666)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Security Updates for Internet Explorer (March 2019)
The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability cou...
KB4489885: Windows 7 and Windows Server 2008 R2 March 2019 Security Update
The remote Windows host is missing security update 4489885 or cumulative update 4489878. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting fores...
Remote Code Execution (RCE)
Microsoft.ChakraCore is vulnerable to remote code execution. This is due to the way the ChakraCore scripting engine handles objects in memory which could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. This CVE ID is different from...
CVE-2019-0648
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object...
CVE-2019-0640
CVE-2019-0640 describes a remote code execution vulnerability in Microsoft Edge’s scripting engine related to memory handling of objects. Affected software is Edge; underlying cause is memory corruption in the scripting engine. Impact per listed metrics is HIGH for confidentiality, integrity, and...
CVE-2019-0610
Technical details about CVE-2019-0610 are not publicly provided in the supplied documents. Monitor for updates from official advisories and EUVD entries for any further specifics, remediation or impact information.
CVE-2019-0607
Technical details about CVE-2019-0607 are not publicly provided in the supplied connected documents; no product/version/impact details are present. Monitor for updates.
CVE-2019-0655
Technical details for CVE-2019-0655 are not publicly provided in the supplied documents. Connected EUVD entries mention malware labels but do not specify affected product, root cause, impact, or remediation. Monitor for updates.
CVE-2019-0652
Technical details for CVE-2019-0652 are not publicly available in the provided documents. No confirmed affected products, root cause, impact or remediation are present; monitor for updates.
CVE-2019-0658
CVE-2019-0658 describes an information-disclosure vulnerability in Microsoft Edge/ChakraCore where memory-objects handling leaks could expose memory contents. The ChakraCore information-disclosure entry (GHSA-wwfw-m54G-GV72) confirms the issue is memory-object related and notes an update to chang...
CVE-2019-0644
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-061...
CVE-2019-0591
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-064...
CVE-2019-0610
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-064...
CVE-2019-0655
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-061...
CVE-2019-0593
Technical details about CVE-2019-0593 are not provided in the connected documents. The EUVD entries mention malware but do not specify vulnerability details. Monitor for updates.