CVE-2019-0911
CVE-2019-0911
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 9.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
16 May 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918.
Affected products
Microsoft · ChakraCoreMicrosoft · Internet Explorer 10Microsoft · Internet Explorer 11Microsoft · Internet Explorer 11 on Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Internet Explorer 11 on Windows 10 Version 1903 for x64-based SystemsMicrosoft · Internet Explorer 11 on Windows Server 2012Microsoft · Microsoft EdgeMicrosoft · Microsoft Edge on Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Microsoft Edge on Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Microsoft Edge on Windows 10 Version 1903 for x64-based Systems