Multiple vulnerabilities in Microsoft Browsers

Описание

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
2. A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
3. A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.
4. A remote code execution vulnerability in Windows VBScript Engine can be exploited remotely via specially crafted website to execute arbitrary code.
5. A security feature bypass vulnerability in Microsoft Browsers can be exploited remotely via specially crafted website to bypass security restrictions.
6. A security feature bypass vulnerability in Internet Explorer can be exploited remotely via specially crafted to bypass security restrictions.
7. A security feature bypass vulnerability in Internet Explorer can be exploited remotely via specially crafted content to bypass security restrictions.
8. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to gain privileges.
9. An elevation of privilege vulnerability in Microsoft Edge can be exploited remotely via specially crafted content to execute arbitrary code.
10. A memory corruption vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to obtain sensitive information.
11. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
12. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
13. A security feature bypass vulnerability in Microsoft Edge can be exploited remotely to bypass security restrictions.
14. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to obtain sensitive information.

Первичный источник обнаружения

• CVE-2019-0773
  CVE-2019-0763
  CVE-2019-0783
  CVE-2019-0780
  CVE-2019-0667
  CVE-2019-0762
  CVE-2019-0761
  CVE-2019-0769
  CVE-2019-0768
  CVE-2019-0592
  CVE-2019-0680
  CVE-2019-0770
  CVE-2019-0678
  CVE-2019-0771
  CVE-2019-0779
  CVE-2019-0746
  CVE-2019-0666
  CVE-2019-0639
  CVE-2019-0665
  CVE-2019-0612
  CVE-2019-0609
  CVE-2019-0611
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Internet-Explorer
• Microsoft-Edge

Список CVE

• CVE-2019-0773
  critical
• CVE-2019-0763
  critical
• CVE-2019-0783
  critical
• CVE-2019-0780
  critical
• CVE-2019-0667
  critical
• CVE-2019-0762
  warning
• CVE-2019-0761
  warning
• CVE-2019-0769
  critical
• CVE-2019-0768
  warning
• CVE-2019-0592
  critical
• CVE-2019-0680
  critical
• CVE-2019-0770
  critical
• CVE-2019-0678
  warning
• CVE-2019-0771
  critical
• CVE-2019-0779
  critical
• CVE-2019-0746
  warning
• CVE-2019-0666
  critical
• CVE-2019-0639
  critical
• CVE-2019-0665
  critical
• CVE-2019-0612
  warning
• CVE-2019-0609
  critical
• CVE-2019-0611
  critical

Список KB

• 4489881
• 4489891
• 4489878
• 4489886
• 4489899
• 4489871
• 4489868
• 4489872
• 4489882
• 4489873

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com