Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2019-0739
HistoryApr 09, 2019 - 9:29 p.m.

CVE-2019-0739

2019-04-0921:29:00
CWE-787
[email protected]
web.nvd.nist.gov
7

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.958

Percentile

99.5%

JSON

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862.

Affected configurations

Nvd
Node
microsoftwindows_10Match-
OR
microsoftwindows_10Match1607
OR
microsoftwindows_10Match1703
OR
microsoftwindows_10Match1709
OR
microsoftwindows_10Match1803
OR
microsoftwindows_10Match1809
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2019Match-
AND
microsoftedgeMatch-
Node
microsoftchakracoreRange<1.11.8
VendorProductVersionCPE
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
microsoftwindows_101607cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
microsoftwindows_101703cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
microsoftwindows_101709cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
microsoftwindows_101803cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
microsoftwindows_101809cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
microsoftwindows_server_2016-cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
microsoftwindows_server_2019-cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
microsoftedge-cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*
microsoftchakracore*cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*

Related

cvelist 4
osv 1
nvd 3
prion 4
cve 4
attackerkb 3
mskb 10
nessus 8
symantec 4
kaspersky 1
mscve 4
zdi 1
cisa_kev 1
checkpoint_advisories 3
githubexploit 1
veracode 1
exploitdb 1
packetstorm 1
exploitpack 1
zdt 1
malwarebytes 1
thn 2
openvas 9
cisa 1
talosblog 1
qualysblog 1
cvelist
cvelist
CVE-2019-0753
2019-04-09 20:15:16
CVE-2019-0862
2019-04-09 20:19:48
CVE-2019-0739
2019-04-09 20:15:16
osv
osv
CVE-2019-0739
2019-04-09 21:29:00
nvd
nvd
CVE-2019-0862
2019-04-09 21:29:02
CVE-2019-0752
2019-04-09 21:29:00
CVE-2019-0753
2019-04-09 21:29:00
prion
prion
Remote code execution
2019-04-09 21:29:00
Remote code execution
2019-04-09 21:29:00
Remote code execution
2019-04-09 21:29:00
cve
cve
CVE-2019-0862
2019-04-09 21:29:02
CVE-2019-0752
2019-04-09 21:29:00
CVE-2019-0739
2019-04-09 21:29:00
attackerkb
attackerkb
CVE-2019-0753
2019-04-09 00:00:00
CVE-2019-0862
2019-04-09 00:00:00
CVE-2019-0752
2019-04-09 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: April 9, 2019
2019-04-09 07:00:00
April 9, 2019—KB4493475 (OS Build 10240.18186)
2019-04-09 07:00:00
April 9, 2019—KB4493474 (OS Build 15063.1746)
2019-04-09 07:00:00
nessus
nessus
Security Updates for Internet Explorer (April 2019)
2019-04-09 00:00:00
KB4493470: Windows 10 Version 1607 and Windows Server 2016 April 2019 Security Update
2019-04-09 00:00:00
KB4493448: Windows 7 and Windows Server 2008 R2 April 2019 Security Update
2019-04-09 00:00:00
symantec
symantec
Microsoft Internet Explorer VBScript Engine CVE-2019-0862 Remote Code Execution Vulnerability
2019-04-09 00:00:00
Microsoft Internet Explorer CVE-2019-0752 Remote Memory Corruption Vulnerability
2019-04-09 00:00:00
Microsoft Edge Chakra Scripting Engine CVE-2019-0739 Remote Memory Corruption Vulnerability
2019-04-09 00:00:00
kaspersky
kaspersky
KLA11462 Multiple vulnerabilities in Microsoft Browsers
2019-04-09 00:00:00
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2019-04-09 07:00:00
Scripting Engine Memory Corruption Vulnerability
2019-04-09 07:00:00
Scripting Engine Memory Corruption Vulnerability
2019-04-09 07:00:00
zdi
zdi
Microsoft Internet Explorer Property Put Type Confusion Remote Code Execution Vulnerability
2019-04-15 00:00:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Type Confusion Vulnerability
2022-02-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2019-0752)
2019-04-09 00:00:00
Microsoft Windows VBScript Engine Remote Code Execution (CVE-2019-0862)
2019-04-09 00:00:00
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2019-0753)
2019-04-09 00:00:00
githubexploit
githubexploit
Exploit for Type Confusion in Microsoft
2020-12-18 22:53:16
veracode
veracode
Remote Code Execution (RCE)
2019-05-17 06:23:17
exploitdb
exploitdb
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
2019-05-24 00:00:00
packetstorm
packetstorm
Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption
2019-05-24 00:00:00
exploitpack
exploitpack
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
2019-05-24 00:00:00
zdt
zdt
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Exploit
2019-05-24 00:00:00
malwarebytes
malwarebytes
Malvertising campaigns come back in full swing
2020-09-09 17:07:14
thn
thn
RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer
2022-06-22 05:41:00
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
2023-02-27 15:33:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4493475)
2019-04-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4493470)
2019-04-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4493474)
2019-04-10 00:00:00
cisa
cisa
CISA Adds Nine Known Exploited Vulnerabilities to Catalog
2022-02-15 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage
2019-04-09 11:10:02
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

0.958

Percentile

99.5%

JSON
Related for NVD:CVE-2019-0739
cvelist4osv1nvd3prion4cve4attackerkb3mskb10nessus8symantec4kaspersky1mscve4zdi1cisa_kev1checkpoint_advisories3githubexploit1veracode1exploitdb1packetstorm1exploitpack1zdt1malwarebytes1thn2openvas9cisa1talosblog1qualysblog1