Msrc Microsoft Edge vulnerabilities

CVE-2019-1366 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1308 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1307 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1357 [MEDIUM] Microsoft Browser Spoofing Vulnerability Microsoft Browser Spoofing Vulnerability Description: A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies. An attacker who successfully exploited this vulnerability could trick a browser into overwriting a secure cookie with an insecure cookie. The insecure cookie could serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulnerability, the user must ei

CVE-2019-0608 [MEDIUM] Microsoft Browser Spoofing Vulnerability Microsoft Browser Spoofing Vulnerability Description: A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulnerability,

CVE-2019-1300 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1220 [MEDIUM] Microsoft Browser Security Feature Bypass Vulnerability Microsoft Browser Security Feature Bypass Vulnerability Description: A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs. This could allow an attacker to cause a user to access a URL in a less restricted Internet Security Zone than intended. To exploit this vulnerability, an attacker could email or otherwise provide a speciall

CVE-2019-1140 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1193 [MEDIUM] Microsoft Browser Memory Corruption Vulnerability Microsoft Browser Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the c

CVE-2019-1197 [MEDIUM] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain t

CVE-2019-1139 [MEDIUM] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain t

CVE-2019-1192 [MEDIUM] Microsoft Browsers Security Feature Bypass Vulnerability Microsoft Browsers Security Feature Bypass Vulnerability Description: A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser

CVE-2019-1001 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current us

CVE-2019-1104 [HIGH] Microsoft Browser Memory Corruption Vulnerability Microsoft Browser Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the cur

CVE-2019-1062 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1092 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1107 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-1103 [HIGH] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the

CVE-2019-0988 [HIGH] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current us

CVE-2019-1052 [MEDIUM] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain t