⚠ Actively exploited

Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2019-1429

CWE-416 — Use After Free CWE-787 — Out-of-bounds Write16 documents11 sources

Severity

7.5HIGH

EPSS

83.0%

top 0.74%

CISA KEV

KEV

Added 2021-11-03

Due 2022-05-03

Exploit

Exploited in wild

Active exploitation observed

Affected products

Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 11 ON Windows 10 Version 1903 FOR 32-bit Systems +5 more

Timeline

PublishedNov 12

KEV addedNov 3

KEV dueMay 3

Latest updateMay 24

CISA Required Action: Apply updates per vendor instructions.

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages8 packages

▶NVDmicrosoft/internet_explorer10, 11, 9+2

▶CVEListV5microsoft/internet_explorer_9Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2+1

▶CVEListV5microsoft/internet_explorer_10Windows Server 2012

▶CVEListV5microsoft/internet_explorer_1122 versions+21

▶CVEListV5microsoft/internet_explorer_11_on_windows_server_2012unspecified

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-w54g-9jxp-4pf9: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engin↗2022-05-24

▶

Project0

Déjà vu-lnerability - Project Zero↗2021-02-01

▶

Project0

Root Cause Analyses for 0-day In-the-Wild Exploits - Project Zero↗2020-07-01

▶

Project0

Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019 - Project Zero↗2020-07-01

▶

CVEList

CVE-2019-1429: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engin↗2019-11-12

▶

💥Exploits & PoCs

Exploit-DB

Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback↗2019-11-22

▶

📋Vendor Advisories

CISA

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability↗2021-11-03

▶

Microsoft

Scripting Engine Memory Corruption Vulnerability↗2019-11-12

▶

External resources

NVD MITRE CISA KEV

Affected products8

Microsoft Internet Explorerv10v11v9

Microsoft Internet Explorer 10vWindows Server 2012

Microsoft Internet Explorer 11vWindows 10 Version 1607 for 32-bit SystemsvWindows 10 Version 1607 for x64-based SystemsvWindows 10 Version 1709 for 32-bit Systems+19 more

Microsoft Internet Explorer 11 ON Windows 10 Version 1903 FOR 32-bit Systemsvunspecified

Microsoft Internet Explorer 11 ON Windows 10 Version 1903 FOR Arm64-based Systemsvunspecified

Microsoft Internet Explorer 11 ON Windows 10 Version 1903 FOR X64-based Systemsvunspecified

Microsoft Internet Explorer 11 ON Windows Server 2012vunspecified

Microsoft Internet Explorer 9vWindows Server 2008 for 32-bit Systems Service Pack 2vWindows Server 2008 for x64-based Systems Service Pack 2

Disclosure

PublishedNov 12, 2019

KEV addedNov 3, 2021

KEV dueMay 3, 2022

Latest updateMay 24, 2022