CVE-2019-0680Out-of-bounds Write in Microsoft Internet Explorer 11

CWE-787Out-of-bounds WriteCWE-190Integer Overflow or Wraparound9 documents5 sources
Severity
7.5HIGHNVD
EPSS
7.2%
top 8.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Internet Explorer 11Microsoft Internet Explorer
Timeline
PublishedApr 9
Latest updateMay 13

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

CVEListV5microsoft/internet_explorer_1124 versions+23

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

7
GHSA
GHSA-x9h5-mw77-vf6f: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engin2022-05-13
GHSA
High severity vulnerability that affects Microsoft.ChakraCore2019-04-09
GHSA
High severity vulnerability that affects Microsoft.ChakraCore2019-04-09
GHSA
High severity vulnerability that affects Microsoft.ChakraCore2019-04-09
GHSA
High severity vulnerability that affects Microsoft.ChakraCore2019-04-09

📋Vendor Advisories

1
Microsoft
Scripting Engine Memory Corruption Vulnerability2019-03-12
CVE-2019-0680 — Out-of-bounds Write in Microsoft | cvebase