CVE-2019-1038

Status: Analyzed

Last modified: 24-08-2020

Published: 12-06-2019

7.5

SUMMARY CVE-2019-1038

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

Access CVSS3 CVE-2019-1038

Attack Complexity	Attack Vector	Privileges Required	Scope	User Interaction
HIGH	NETWORK	NONE	UNCHANGED	REQUIRED

Impact CVSS3 CVE-2019-1038

Confidentiality	Integrity	Availability
HIGH	HIGH	HIGH

Details CVE-2019-1038

EPSS	0.01626
EPSS %	0.87846
References	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1038
CWE	CWE-787
Vulnerable Configurations	cpe:2.3:a:microsoft:internet_explorer:10:::::::* cpe:2.3:a:microsoft:internet_explorer:10:::::::* cpe:2.3:o:microsoft:windows_server_2012:-:::::::* cpe:2.3:o:microsoft:windows_server_2012:-:::::::* cpe:2.3:a:microsoft:internet_explorer:11:-:::::: cpe:2.3:a:microsoft:internet_explorer:11:-:::::: cpe:2.3:o:microsoft:windows_10:-:::::::* cpe:2.3:o:microsoft:windows_10:-:::::::* cpe:2.3:o:microsoft:windows_10:1607:::::::* cpe:2.3:o:microsoft:windows_10:1607:::::::* cpe:2.3:o:microsoft:windows_10:1703:::::::* cpe:2.3:o:microsoft:windows_10:1703:::::::* cpe:2.3:o:microsoft:windows_10:1709:::::::* cpe:2.3:o:microsoft:windows_10:1709:::::::* cpe:2.3:o:microsoft:windows_10:1803:::::::* cpe:2.3:o:microsoft:windows_10:1803:::::::* cpe:2.3:o:microsoft:windows_10:1809:::::::* cpe:2.3:o:microsoft:windows_10:1809:::::::* cpe:2.3:o:microsoft:windows_10:1903:::::::* cpe:2.3:o:microsoft:windows_10:1903:::::::* cpe:2.3:o:microsoft:windows_7:-:sp1:::::: cpe:2.3:o:microsoft:windows_7:-:sp1:::::: cpe:2.3:o:microsoft:windows_8.1:-:::::::* cpe:2.3:o:microsoft:windows_8.1:-:::::::* cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::* cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::* cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:* cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:* cpe:2.3:o:microsoft:windows_server_2012:r2:::::::* cpe:2.3:o:microsoft:windows_server_2012:r2:::::::* cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_server_2019:-:::::::* cpe:2.3:o:microsoft:windows_server_2019:-:::::::* cpe:2.3:a:microsoft:edge:-:::::::* cpe:2.3:a:microsoft:edge:-:::::::*
CVSS3 Source	nvd@nist.gov
CVSS3 Type	Primary
CVSS3 Vector	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

ATOM RSS Feed Link for CVE Vulnerabilities

CVE Data Propulsed by AKAOMA CyberSecurity