All the vulnerabilites related to Microsoft - Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems
cve-2019-1003
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.134Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:39", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1003", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1003", "datePublished": "2019-06-12T13:49:39", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.134Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1196
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
EPSS score ?
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1196 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | ChakraCore | |
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2019-1196", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-19T19:06:29.553497Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-19T19:06:36.825Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T18:13:29.198Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1196" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:38.358Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1196" } ], "title": "Chakra Scripting Engine Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1196", "datePublished": "2019-08-14T20:55:05", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:13:29.198Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1106
Vulnerability from cvelistv5
Published
2019-07-29 14:08
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.740Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-29T14:08:07", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1106", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1106", "datePublished": "2019-07-29T14:08:07", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.740Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1052
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.587Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:41", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1052", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1052", "datePublished": "2019-06-12T13:49:41", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.587Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1081
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka 'Microsoft Browser Information Disclosure Vulnerability'.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1081 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.568Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1081" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Internet Explorer 9", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2008 for 32-bit Systems Service Pack 2" }, { "status": "affected", "version": "Windows Server 2008 for x64-based Systems Service Pack 2" } ] }, { "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 7 for 32-bit Systems Service Pack 1" }, { "status": "affected", "version": "Windows 7 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows 8.1 for 32-bit systems" }, { "status": "affected", "version": "Windows 8.1 for x64-based systems" }, { "status": "affected", "version": "Windows Server 2012 R2" }, { "status": "affected", "version": "Windows RT 8.1" }, { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Internet Explorer 11 on Windows Server 2012", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2012" } ] }, { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka \u0027Microsoft Browser Information Disclosure Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:41", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1081" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1081", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Internet Explorer 9", "version": { "version_data": [ { "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" }, { "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" } ] } }, { "product_name": "Internet Explorer 11", "version": { "version_data": [ { "version_value": "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value": "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value": "Windows 8.1 for 32-bit systems" }, { "version_value": "Windows 8.1 for x64-based systems" }, { "version_value": "Windows Server 2012 R2" }, { "version_value": "Windows RT 8.1" }, { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Internet Explorer 11 on Windows Server 2012", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 10", "version": { "version_data": [ { "version_value": "Windows Server 2012" } ] } }, { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka \u0027Microsoft Browser Information Disclosure Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1081", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1081" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1081", "datePublished": "2019-06-12T13:49:41", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.568Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1024
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.617Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:40", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1024", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1051, CVE-2019-1052." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1024", "datePublished": "2019-06-12T13:49:40", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.617Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1195
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
EPSS score ?
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1195 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | ChakraCore | |
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:13:29.484Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1195" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:37.860Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1195" } ], "title": "Chakra Scripting Engine Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1195", "datePublished": "2019-08-14T20:55:04", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:13:29.484Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1139
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1139 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | ChakraCore | |
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2019-1139", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-01T16:43:00.565277Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-01T16:43:15.831Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.767Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1139" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:28.728Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1139" } ], "title": "Chakra Scripting Engine Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1139", "datePublished": "2019-08-14T20:55:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.767Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1103
Vulnerability from cvelistv5
Published
2019-07-29 13:58
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.669Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-29T13:58:46", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1103", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1103", "datePublished": "2019-07-29T13:58:46", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.669Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0922
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.927Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0922", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0922", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.927Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1107
Vulnerability from cvelistv5
Published
2019-07-29 14:08
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.598Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-29T14:08:17", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1107", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1107", "datePublished": "2019-07-29T14:08:17", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1030
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1030 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.540Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1030" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user\u2019s system.\nTo exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker\u0027s site.\nThe update addresses the vulnerability by modifying how Microsoft Edge based on Edge HTML handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:43.891Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1030" } ], "title": "Microsoft Edge based on Edge HTML Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1030", "datePublished": "2019-08-14T20:55:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.540Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1141
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1141 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | ChakraCore | |
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.991Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1141" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:29.703Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1141" } ], "title": "Chakra Scripting Engine Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1141", "datePublished": "2019-08-14T20:55:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.991Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0915
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.601Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0915", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0915", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.601Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0940
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.617Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 7 for 32-bit Systems Service Pack 1" }, { "status": "affected", "version": "Windows 7 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows 8.1 for 32-bit systems" }, { "status": "affected", "version": "Windows 8.1 for x64-based systems" }, { "status": "affected", "version": "Windows Server 2012 R2" }, { "status": "affected", "version": "Windows RT 8.1" }, { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Internet Explorer 11 on Windows Server 2012", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2012" } ] }, { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:03", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0940", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Internet Explorer 11", "version": { "version_data": [ { "version_value": "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value": "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value": "Windows 8.1 for 32-bit systems" }, { "version_value": "Windows 8.1 for x64-based systems" }, { "version_value": "Windows Server 2012 R2" }, { "version_value": "Windows RT 8.1" }, { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Internet Explorer 11 on Windows Server 2012", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 10", "version": { "version_data": [ { "version_value": "Windows Server 2012" } ] } }, { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0940", "datePublished": "2019-05-16T18:17:03", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.617Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0914
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0914", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0914", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0925
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0925", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0925", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.949Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1001
Vulnerability from cvelistv5
Published
2019-07-15 18:56
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.464Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 7 for 32-bit Systems Service Pack 1" }, { "status": "affected", "version": "Windows 7 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows 8.1 for 32-bit systems" }, { "status": "affected", "version": "Windows 8.1 for x64-based systems" }, { "status": "affected", "version": "Windows Server 2012 R2" }, { "status": "affected", "version": "Windows RT 8.1" }, { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Internet Explorer 11 on Windows Server 2012", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-15T18:56:19", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1001", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Internet Explorer 11", "version": { "version_data": [ { "version_value": "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value": "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value": "Windows 8.1 for 32-bit systems" }, { "version_value": "Windows 8.1 for x64-based systems" }, { "version_value": "Windows Server 2012 R2" }, { "version_value": "Windows RT 8.1" }, { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Internet Explorer 11 on Windows Server 2012", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1001", "datePublished": "2019-07-15T18:56:20", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0911
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.897Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 7 for 32-bit Systems Service Pack 1" }, { "status": "affected", "version": "Windows 7 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows 8.1 for 32-bit systems" }, { "status": "affected", "version": "Windows 8.1 for x64-based systems" }, { "status": "affected", "version": "Windows Server 2012 R2" }, { "status": "affected", "version": "Windows RT 8.1" }, { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Internet Explorer 11 on Windows Server 2012", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2012" } ] }, { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0911", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Internet Explorer 11", "version": { "version_data": [ { "version_value": "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value": "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value": "Windows 8.1 for 32-bit systems" }, { "version_value": "Windows 8.1 for x64-based systems" }, { "version_value": "Windows Server 2012 R2" }, { "version_value": "Windows RT 8.1" }, { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Internet Explorer 11 on Windows Server 2012", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 10", "version": { "version_data": [ { "version_value": "Windows Server 2012" } ] } }, { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0911", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.897Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0991
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.268Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:39", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0991", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0991", "datePublished": "2019-06-12T13:49:39", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0917
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.940Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0917", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0917", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.940Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1051
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1052.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.578Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1052." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:41", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1051", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1052." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1051", "datePublished": "2019-06-12T13:49:41", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1092
Vulnerability from cvelistv5
Published
2019-07-15 18:56
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-15T18:56:21", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1092", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1092", "datePublished": "2019-07-15T18:56:21", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0916
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.793Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0916", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0916", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.793Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1054
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW), aka 'Microsoft Edge Security Feature Bypass Vulnerability'.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW), aka \u0027Microsoft Edge Security Feature Bypass Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Security Feature Bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:41", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1054", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW), aka \u0027Microsoft Edge Security Feature Bypass Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Security Feature Bypass" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1054", "datePublished": "2019-06-12T13:49:41", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.457Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1038
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.190Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 7 for 32-bit Systems Service Pack 1" }, { "status": "affected", "version": "Windows 7 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows 8.1 for 32-bit systems" }, { "status": "affected", "version": "Windows 8.1 for x64-based systems" }, { "status": "affected", "version": "Windows Server 2012 R2" }, { "status": "affected", "version": "Windows RT 8.1" }, { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Internet Explorer 11 on Windows Server 2012", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2012" } ] }, { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:40", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1038", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Internet Explorer 11", "version": { "version_data": [ { "version_value": "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value": "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value": "Windows 8.1 for 32-bit systems" }, { "version_value": "Windows 8.1 for x64-based systems" }, { "version_value": "Windows Server 2012 R2" }, { "version_value": "Windows RT 8.1" }, { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Internet Explorer 11 on Windows Server 2012", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 10", "version": { "version_data": [ { "version_value": "Windows Server 2012" } ] } }, { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1038", "datePublished": "2019-06-12T13:49:40", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.190Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0913
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.629Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0913", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0913", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.629Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1062
Vulnerability from cvelistv5
Published
2019-07-15 18:56
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.391Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-15T18:56:20", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1062", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1062", "datePublished": "2019-07-15T18:56:20", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.391Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1192
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
EPSS score ?
Summary
Microsoft Browsers Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1192 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:13:29.483Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1192" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012" ], "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows 7 for 32-bit Systems Service Pack 1", "Windows 7 for x64-based Systems Service Pack 1", "Windows 8.1 for 32-bit systems", "Windows 8.1 for x64-based systems", "Windows RT 8.1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows Server 2012" ], "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how affected Microsoft browsers handle different-origin requests.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Security Feature Bypass", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:36.369Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1192" } ], "title": "Microsoft Browsers Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1192", "datePublished": "2019-08-14T20:55:04", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:13:29.483Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0938
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.969Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka \u0027Microsoft Edge Elevation of Privilege Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:03", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0938", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka \u0027Microsoft Edge Elevation of Privilege Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of Privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0938" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0938", "datePublished": "2019-05-16T18:17:03", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.969Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1023
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0990.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.458Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0990." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:40", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1023", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0990." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1023", "datePublished": "2019-06-12T13:49:40", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.458Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0926
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0926 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0926" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \u0027Microsoft Edge Memory Corruption Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0926" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0926", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \u0027Microsoft Edge Memory Corruption Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0926", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0926" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0926", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0990
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1023.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.274Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-1023." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:39", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0990", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-1023." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0990", "datePublished": "2019-06-12T13:49:39", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.274Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0933
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:59
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:59:00.083Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:03", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0933", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0933", "datePublished": "2019-05-16T18:17:03", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:59:00.083Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0927
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.894Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0927", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0927", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.894Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1131
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1131 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | ChakraCore | |
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.678Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1131" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:27.711Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1131" } ], "title": "Chakra Scripting Engine Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1131", "datePublished": "2019-08-14T20:55:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.678Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0937
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.564Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:03", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0937", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0937", "datePublished": "2019-05-16T18:17:03", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.564Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1104
Vulnerability from cvelistv5
Published
2019-07-29 14:06
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.758Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Internet Explorer 9", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2008 for 32-bit Systems Service Pack 2" }, { "status": "affected", "version": "Windows Server 2008 for x64-based Systems Service Pack 2" } ] }, { "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 7 for 32-bit Systems Service Pack 1" }, { "status": "affected", "version": "Windows 7 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows 8.1 for 32-bit systems" }, { "status": "affected", "version": "Windows 8.1 for x64-based systems" }, { "status": "affected", "version": "Windows Server 2012 R2" }, { "status": "affected", "version": "Windows RT 8.1" }, { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Internet Explorer 11 on Windows Server 2012", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2012" } ] }, { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-07-29T14:06:58", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-1104", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Internet Explorer 9", "version": { "version_data": [ { "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" }, { "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" } ] } }, { "product_name": "Internet Explorer 11", "version": { "version_data": [ { "version_value": "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value": "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value": "Windows 8.1 for 32-bit systems" }, { "version_value": "Windows 8.1 for x64-based systems" }, { "version_value": "Windows Server 2012 R2" }, { "version_value": "Windows RT 8.1" }, { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Internet Explorer 11 on Windows Server 2012", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 10", "version": { "version_data": [ { "version_value": "Windows Server 2012" } ] } }, { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1104", "datePublished": "2019-07-29T14:06:58", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.758Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0923
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0923 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.901Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0923" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0923" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0923", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0923", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0923" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0923", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.901Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0992
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:30.746Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:39", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0992", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0992" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0992", "datePublished": "2019-06-12T13:49:39", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:30.746Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1193
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
EPSS score ?
Summary
Microsoft Browser Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1193 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2019-1193", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-05T14:10:38.161264Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T14:10:56.666Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T18:13:29.867Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1193" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012" ], "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows 7 for 32-bit Systems Service Pack 1", "Windows 7 for x64-based Systems Service Pack 1", "Windows 8.1 for 32-bit systems", "Windows 8.1 for x64-based systems", "Windows RT 8.1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012", "Windows Server 2012 R2" ], "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nAn attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.\nThe security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:36.873Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1193" } ], "title": "Microsoft Browser Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1193", "datePublished": "2019-08-14T20:55:04", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:13:29.867Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0989
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:30.848Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:39", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0989", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0989", "datePublished": "2019-06-12T13:49:39", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:30.848Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0912
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.925Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0912", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0912", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.925Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0993
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:30.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore on ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-12T13:49:39", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0993", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore on ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0993", "datePublished": "2019-06-12T13:49:39", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:30.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1197
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
EPSS score ?
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1197 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | ChakraCore | |
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2019-1197", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-19T19:05:12.976030Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-19T19:05:19.171Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T18:13:29.263Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1197" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:38.863Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1197" } ], "title": "Chakra Scripting Engine Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1197", "datePublished": "2019-08-14T20:55:05", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:13:29.263Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0924
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.634Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:02", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0924", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "ChakraCore", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0924", "datePublished": "2019-05-16T18:17:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.634Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1140
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
EPSS score ?
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1140 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
Microsoft | ChakraCore | |
Microsoft | Microsoft Edge (EdgeHTML-based) |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2019-1140", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-01T16:40:43.823511Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-01T16:40:58.341Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T18:06:31.787Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1140" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ChakraCore", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1703 for 32-bit Systems", "Windows 10 Version 1703 for x64-based Systems", "Windows 10 Version 1803 for 32-bit Systems", "Windows 10 Version 1803 for x64-based Systems", "Windows 10 Version 1803 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1709 for 32-bit Systems", "Windows 10 Version 1709 for x64-based Systems", "Windows 10 Version 1709 for ARM64-based Systems", "Windows 10 Version 1903 for 32-bit Systems", "Windows 10 Version 1903 for x64-based Systems", "Windows 10 Version 1903 for ARM64-based Systems", "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft Edge (EdgeHTML-based)", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0..0", "versionType": "custom" } ] } ], "datePublic": "2019-08-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T16:50:29.216Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1140" } ], "title": "Chakra Scripting Engine Memory Corruption Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1140", "datePublished": "2019-08-14T20:55:02", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:06:31.787Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-0884
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:58:59.563Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Internet Explorer 9", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2008 for 32-bit Systems Service Pack 2" }, { "status": "affected", "version": "Windows Server 2008 for x64-based Systems Service Pack 2" } ] }, { "product": "Internet Explorer 11", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 7 for 32-bit Systems Service Pack 1" }, { "status": "affected", "version": "Windows 7 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "status": "affected", "version": "Windows 8.1 for 32-bit systems" }, { "status": "affected", "version": "Windows 8.1 for x64-based systems" }, { "status": "affected", "version": "Windows Server 2012 R2" }, { "status": "affected", "version": "Windows RT 8.1" }, { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Internet Explorer 11 on Windows Server 2012", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Internet Explorer 10", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows Server 2012" } ] }, { "product": "Microsoft Edge", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "Windows 10 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 for x64-based Systems" }, { "status": "affected", "version": "Windows Server 2016" }, { "status": "affected", "version": "Windows 10 Version 1607 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1607 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1703 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1709 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1803 for ARM64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for 32-bit Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for x64-based Systems" }, { "status": "affected", "version": "Windows 10 Version 1809 for ARM64-based Systems" }, { "status": "affected", "version": "Windows Server 2019" }, { "status": "affected", "version": "Windows 10 Version 1709 for ARM64-based Systems" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-16T18:17:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0884", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Internet Explorer 9", "version": { "version_data": [ { "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" }, { "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" } ] } }, { "product_name": "Internet Explorer 11", "version": { "version_data": [ { "version_value": "Windows 7 for 32-bit Systems Service Pack 1" }, { "version_value": "Windows 7 for x64-based Systems Service Pack 1" }, { "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" }, { "version_value": "Windows 8.1 for 32-bit systems" }, { "version_value": "Windows 8.1 for x64-based systems" }, { "version_value": "Windows Server 2012 R2" }, { "version_value": "Windows RT 8.1" }, { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Internet Explorer 11 on Windows Server 2012", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Internet Explorer 10", "version": { "version_data": [ { "version_value": "Windows Server 2012" } ] } }, { "product_name": "Microsoft Edge", "version": { "version_data": [ { "version_value": "Windows 10 for 32-bit Systems" }, { "version_value": "Windows 10 for x64-based Systems" }, { "version_value": "Windows Server 2016" }, { "version_value": "Windows 10 Version 1607 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1607 for x64-based Systems" }, { "version_value": "Windows 10 Version 1703 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1703 for x64-based Systems" }, { "version_value": "Windows 10 Version 1709 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1709 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1803 for x64-based Systems" }, { "version_value": "Windows 10 Version 1803 for ARM64-based Systems" }, { "version_value": "Windows 10 Version 1809 for 32-bit Systems" }, { "version_value": "Windows 10 Version 1809 for x64-based Systems" }, { "version_value": "Windows 10 Version 1809 for ARM64-based Systems" }, { "version_value": "Windows Server 2019" }, { "version_value": "Windows 10 Version 1709 for ARM64-based Systems" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0884" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0884", "datePublished": "2019-05-16T18:17:01", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T17:58:59.563Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }