Description
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
- A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
- A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.
- A remote code execution vulnerability in Windows VBScript Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- A security feature bypass vulnerability in Microsoft Browsers can be exploited remotely via specially crafted website to bypass security restrictions.
- A security feature bypass vulnerability in Internet Explorer can be exploited remotely via specially crafted to bypass security restrictions.
- A security feature bypass vulnerability in Internet Explorer can be exploited remotely via specially crafted content to bypass security restrictions.
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to gain privileges.
- An elevation of privilege vulnerability in Microsoft Edge can be exploited remotely via specially crafted content to execute arbitrary code.
- A memory corruption vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to obtain sensitive information.
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
- A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in Microsoft Edge can be exploited remotely to bypass security restrictions.
- A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to obtain sensitive information.
Original advisories
- CVE-2019-0763
- CVE-2019-0783
- CVE-2019-0780
- CVE-2019-0667
- CVE-2019-0762
- CVE-2019-0761
- CVE-2019-0769
- CVE-2019-0768
- CVE-2019-0592
- CVE-2019-0680
- CVE-2019-0770
- CVE-2019-0678
- CVE-2019-0771
- CVE-2019-0779
- CVE-2019-0746
- CVE-2019-0666
- CVE-2019-0639
- CVE-2019-0665
- CVE-2019-0612
- CVE-2019-0609
- CVE-2019-0611
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2019-0773 critical
- CVE-2019-0763 critical
- CVE-2019-0783 critical
- CVE-2019-0780 critical
- CVE-2019-0667 critical
- CVE-2019-0762 warning
- CVE-2019-0761 warning
- CVE-2019-0769 critical
- CVE-2019-0768 warning
- CVE-2019-0592 critical
- CVE-2019-0680 critical
- CVE-2019-0770 critical
- CVE-2019-0678 warning
- CVE-2019-0771 critical
- CVE-2019-0779 critical
- CVE-2019-0746 warning
- CVE-2019-0666 critical
- CVE-2019-0639 critical
- CVE-2019-0665 critical
- CVE-2019-0612 warning
- CVE-2019-0609 critical
- CVE-2019-0611 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!