CVE-2019-0940

EPSS 23.1%

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 23.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

16 may 2019Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

Productos afectados

Microsoft · Internet Explorer 10 Microsoft · Internet Explorer 11 Microsoft · Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Microsoft · Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Microsoft · Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Microsoft · Internet Explorer 11 on Windows Server 2012 Microsoft · Microsoft Edge Microsoft · Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems Microsoft · Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems Microsoft · Microsoft Edge on Windows 10 Version 1903 for x64-based Systems

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0940