CVE-2019-0924: Detailed Vulnerability Analysis and Overview

CVE-2019-0924 Vulnerability Summary

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.

CVE-2019-0924: Detailed Information and External References

EPSS

0.03394

EPSS %

0.91649

References

0.03394

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924

CWE

CWE-787

Vulnerable Configurations

• cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:-:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:-:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.2.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.2.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.2.0.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.2.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.2.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.2.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.2.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.2.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.2.3:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.2.3:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.3.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.3.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.3.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.3.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.3.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.3.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.4.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.4.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.4.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.4.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.4.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.4.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.4.3:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.4.3:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.4.4:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.4.4:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.4.5:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.4.5:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.5.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.5.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.5.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.5.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.5.3:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.5.3:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.6.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.6.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.6.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.6.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.6.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.6.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.7.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.7.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.7.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.7.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.7.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.7.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.7.3:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.7.3:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.7.4:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.7.4:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.7.5:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.7.5:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.7.6:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.7.6:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.8.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.8.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.8.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.8.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.8.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.8.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.8.3:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.8.3:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.8.4:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.8.4:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.8.5:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.8.5:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.10.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.10.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.10.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.10.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.10.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.10.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.0:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.0:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.1:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.1:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.2:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.2:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.3:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.3:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.4:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.4:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.5:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.5:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.6:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.6:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.7:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.7:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:chakracore:1.11.8:*:*:*:*:*:*:*
  cpe:2.3:a:microsoft:chakracore:1.11.8:*:*:*:*:*:*:*

CVSS3 Source

nvd@nist.gov

CVSS3 Type

Primary

CVSS3 Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H