Vulnerabilites related to Microsoft - ChakraCore
CVE-2019-0607 (GCVE-0-2019-0607)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106907",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106907",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106907",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106907"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0607",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0642 (GCVE-0-2019-0642)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642"
},
{
"name": "106911",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106911"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642"
},
{
"name": "106911",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106911"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642"
},
{
"name": "106911",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106911"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0642",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0915 (GCVE-0-2019-0915)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0915"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0915",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0829 (GCVE-0-2019-0829)
Vulnerability from cvelistv5
Published
2019-04-09 20:16
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T20:16:58",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0860, CVE-2019-0861."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0829"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0829",
"datePublished": "2019-04-09T20:16:58",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8543 (GCVE-0-2018-8543)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8543"
},
{
"name": "105846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105846"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8543"
},
{
"name": "105846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105846"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8543",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8543"
},
{
"name": "105846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105846"
},
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8543",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0639 (GCVE-0-2019-0639)
Vulnerability from cvelistv5
Published
2019-04-08 22:40
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-15T10:06:15",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows Server 2019"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-122/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0639",
"datePublished": "2019-04-08T22:40:41",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0829 (GCVE-0-2020-0829)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0829"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:32",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0829"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0829",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0829"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0829",
"datePublished": "2020-03-12T15:48:32",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8583 (GCVE-0-2018-8583)
Vulnerability from cvelistv5
Published
2018-12-12 00:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8583",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106111"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8583",
"datePublished": "2018-12-12T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0649 (GCVE-0-2019-0649)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of Privilege
Summary
A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649"
},
{
"name": "106877",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106877"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in Microsoft Chakra JIT server, aka \u0027Scripting Engine Elevation of Privileged Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649"
},
{
"name": "106877",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106877"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability exists in Microsoft Chakra JIT server, aka \u0027Scripting Engine Elevation of Privileged Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649"
},
{
"name": "106877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106877"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0649",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8137 (GCVE-0-2018-8137)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8139.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8137"
},
{
"name": "103967",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103967"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8139."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8137"
},
{
"name": "103967",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103967"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8139."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8137",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8137"
},
{
"name": "103967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103967"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8137",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8287 (GCVE-0-2018-8287)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287"
},
{
"name": "104634",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104634"
},
{
"name": "1041258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287"
},
{
"name": "104634",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104634"
},
{
"name": "1041258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Internet Explorer 10",
"version": {
"version_data": [
{
"version_value": "Windows Server 2012"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287"
},
{
"name": "104634",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104634"
},
{
"name": "1041258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8287",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1051 (GCVE-0-2019-1051)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) |
Version: 1.0..0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ChakraCore"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:50:19.336Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1051"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1051",
"datePublished": "2019-06-12T13:49:41",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:50:19.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0993 (GCVE-0-2018-0993)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1511 for 32-bit Systems Version: Windows 10 Version 1511 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103627",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103627"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0993"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103627",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103627"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0993"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1511 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103627"
},
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0993",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0993"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0993",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0711 (GCVE-0-2020-0711)
Vulnerability from cvelistv5
Published
2020-02-11 21:23
Modified
2024-08-04 06:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T21:23:07",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0711",
"datePublished": "2020-02-11T21:23:07",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0610 (GCVE-0-2019-0610)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106908",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106908",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106908"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0610",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0954 (GCVE-0-2018-0954)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Internet Explorer 9 |
Version: Windows Server 2008 for 32-bit Systems Service Pack 2 Version: Windows Server 2008 for x64-based Systems Service Pack 2 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0954"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Internet Explorer 9",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "Windows Server 2008 for x64-based Systems Service Pack 2"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0954"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Internet Explorer 9",
"version": {
"version_data": [
{
"version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "Windows Server 2008 for x64-based Systems Service Pack 2"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Internet Explorer 10",
"version": {
"version_data": [
{
"version_value": "Windows Server 2012"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103991"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0954",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0954"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0954",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8139 (GCVE-0-2018-8139)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103977",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103977"
},
{
"name": "45012",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45012/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103977",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103977"
},
{
"name": "45012",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45012/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103977",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103977"
},
{
"name": "45012",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45012/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8139"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8139",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0567 (GCVE-0-2019-0567)
Vulnerability from cvelistv5
Published
2019-01-08 21:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46203",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46203/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0567"
},
{
"name": "106418",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106418"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2019-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-19T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "46203",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46203/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0567"
},
{
"name": "106418",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106418"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0567",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46203",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46203/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0567",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0567"
},
{
"name": "106418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106418"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0567",
"datePublished": "2019-01-08T21:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0592 (GCVE-0-2019-0592)
Vulnerability from cvelistv5
Published
2019-04-08 22:22
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0611.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0611."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-08T22:22:27",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0611."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0592"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0592",
"datePublished": "2019-04-08T22:22:27",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1103 (GCVE-0-2019-1103)
Vulnerability from cvelistv5
Published
2019-07-29 13:58
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-29T13:58:46",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1103",
"datePublished": "2019-07-29T13:58:46",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0912 (GCVE-0-2019-0912)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0912"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0912",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1037 (GCVE-0-2020-1037)
Vulnerability from cvelistv5
Published
2020-05-21 22:52
Modified
2024-08-04 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:25:00.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1037"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-21T22:52:48",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1037"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-1037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1037",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1037"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1037",
"datePublished": "2020-05-21T22:52:48",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:25:00.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0979 (GCVE-0-2018-0979)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1511 for 32-bit Systems Version: Windows 10 Version 1511 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103625",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103625"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0979"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103625",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103625"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0979"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1511 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103625"
},
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0979",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0979"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0979",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8511 (GCVE-0-2018-8511)
Vulnerability from cvelistv5
Published
2018-10-10 13:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8513.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:24.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105471"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041825"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8513."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105471"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041825"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8513."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105471"
},
{
"name": "1041825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041825"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8511",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8511",
"datePublished": "2018-10-10T13:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:24.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1335 (GCVE-0-2019-1335)
Vulnerability from cvelistv5
Published
2019-10-10 13:28
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:30.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1335"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-10T13:28:41",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1335"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1366."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1335",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1335"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1335",
"datePublished": "2019-10-10T13:28:41",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:30.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42279 (GCVE-0-2021-42279)
Vulnerability from cvelistv5
Published
2021-11-10 00:47
Modified
2024-08-04 03:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: N/A |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:37.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42279"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:arm64:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems",
"ARM64-based Systems"
],
"product": "Windows 10 Version 21H1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19043.1348",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22000.318",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.350:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.350",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1348:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.1348",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1916:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1916:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1916:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1909",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.18363.1916",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1348:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1348:*:*:*:*:*:x86:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 20H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19042.1348",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1348:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 2004",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19041.1348",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19119:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19119:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1507",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.10240.19119",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1348:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server version 2004",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19041.1348",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4770:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4770:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.4770",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2300:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.2300",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.2300",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.4770",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:41.589Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42279"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-42279",
"datePublished": "2021-11-10T00:47:07",
"dateReserved": "2021-10-12T00:00:00",
"dateUpdated": "2024-08-04T03:30:37.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0917 (GCVE-0-2019-0917)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0917"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0917",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8551 (GCVE-0-2018-8551)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:24.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8551"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "105773",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105773"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8551"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "105773",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105773"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8551",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8551"
},
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "105773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105773"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8551",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:24.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0825 (GCVE-0-2020-0825)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:30",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0825",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0825",
"datePublished": "2020-03-12T15:48:30",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0812 (GCVE-0-2020-0812)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0811.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:02.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0811."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:26",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0811."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0812",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0812",
"datePublished": "2020-03-12T15:48:26",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:02.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8275 (GCVE-0-2018-8275)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8279, CVE-2018-8301.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104632"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8279, CVE-2018-8301."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104632"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8279, CVE-2018-8301."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104632"
},
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8275",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1172 (GCVE-0-2020-1172)
Vulnerability from cvelistv5
Published
2020-09-11 17:09
Modified
2024-08-04 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.</p>
<p>If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.</p>
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:25:01.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-09-08T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "\u003cp\u003eA remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\u003c/p\u003e\n\u003cp\u003eIf the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\u003c/p\u003e\n\u003cp\u003eThe security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.\u003c/p\u003e\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-31T21:34:47.260Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1172"
}
],
"title": "Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1172",
"datePublished": "2020-09-11T17:09:04",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:25:01.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0810 (GCVE-0-2019-0810)
Vulnerability from cvelistv5
Published
2019-04-09 20:16
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:58.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-15T09:06:04",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0810"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-361/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0810",
"datePublished": "2019-04-09T20:16:25",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:58.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1107 (GCVE-0-2019-1107)
Vulnerability from cvelistv5
Published
2019-07-29 14:08
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-29T14:08:17",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1107",
"datePublished": "2019-07-29T14:08:17",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1139 (GCVE-0-2019-1139)
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T16:43:00.565277Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T16:43:15.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:28.728Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1139"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1139",
"datePublished": "2019-08-14T20:55:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0767 (GCVE-0-2020-0767)
Vulnerability from cvelistv5
Published
2020-02-11 21:23
Modified
2024-08-04 06:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T21:23:29",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0767",
"datePublished": "2020-02-11T21:23:29",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8459 (GCVE-0-2018-8459)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105230",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105230"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105230",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105230"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105230"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8459",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8459",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8294 (GCVE-0-2018-8294)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8290.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104646"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8290."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104646"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8290."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294"
},
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104646"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8294",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0990 (GCVE-0-2019-0990)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0990"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:49:59.862Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0990"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0990",
"datePublished": "2019-06-12T13:49:39",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:49:59.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0925 (GCVE-0-2019-0925)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0925"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0925",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0568 (GCVE-0-2019-0568)
Vulnerability from cvelistv5
Published
2019-01-08 21:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0567.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0568"
},
{
"name": "106420",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106420"
},
{
"name": "46205",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46205/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2019-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0567."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-19T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0568"
},
{
"name": "106420",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106420"
},
{
"name": "46205",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46205/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0568",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0567."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0568",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0568"
},
{
"name": "106420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106420"
},
{
"name": "46205",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46205/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0568",
"datePublished": "2019-01-08T21:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0605 (GCVE-0-2019-0605)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605"
},
{
"name": "106905",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106905"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605"
},
{
"name": "106905",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106905"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605"
},
{
"name": "106905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106905"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0605",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0773 (GCVE-0-2019-0773)
Vulnerability from cvelistv5
Published
2019-04-09 02:16
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:57.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T02:16:35",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0773",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0773",
"datePublished": "2019-04-09T02:16:35",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:57.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8588 (GCVE-0-2018-8588)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "105782",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105782"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "105782",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105782"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "105782",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105782"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8588",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8588",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1065 (GCVE-0-2020-1065)
Vulnerability from cvelistv5
Published
2020-05-21 22:52
Modified
2024-08-04 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:25:01.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1065"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-21T22:52:55",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1065"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-1065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1065",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1065"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1065",
"datePublished": "2020-05-21T22:52:55",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:25:01.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8380 (GCVE-0-2018-8380)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8381, CVE-2018-8384.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104979",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104979"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8381, CVE-2018-8384."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104979",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104979"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8381, CVE-2018-8384."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380"
},
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104979",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104979"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8380",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0539 (GCVE-0-2019-0539)
Vulnerability from cvelistv5
Published
2019-01-08 21:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46204",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46204/"
},
{
"name": "46485",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46485/"
},
{
"name": "106401",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106401"
},
{
"name": "46203",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46203/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0539"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2019-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-05T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "46204",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46204/"
},
{
"name": "46485",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46485/"
},
{
"name": "106401",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106401"
},
{
"name": "46203",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46203/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0539"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46204",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46204/"
},
{
"name": "46485",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46485/"
},
{
"name": "106401",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106401"
},
{
"name": "46203",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46203/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0539",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0539"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0539",
"datePublished": "2019-01-08T21:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0993 (GCVE-0-2019-0993)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) |
Version: 1.0..0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:30.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0993"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ChakraCore"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:50:02.207Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0993"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0993",
"datePublished": "2019-06-12T13:49:39",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:50:02.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1138 (GCVE-0-2019-1138)
Vulnerability from cvelistv5
Published
2019-09-11 21:24
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1217, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows Server 2016 |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1217, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T21:24:57",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1217, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1138"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1138",
"datePublished": "2019-09-11T21:24:57",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1555 (GCVE-0-2020-1555)
Vulnerability from cvelistv5
Published
2020-08-17 19:13
Modified
2024-08-04 06:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:39:10.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1555"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-08-11T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:33:09.887Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1555"
}
],
"title": "Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1555",
"datePublished": "2020-08-17T19:13:39",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:39:10.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0980 (GCVE-0-2018-0980)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1511 for 32-bit Systems Version: Windows 10 Version 1511 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103626"
},
{
"name": "44653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44653/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0980"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-20T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103626"
},
{
"name": "44653",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44653/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0980"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1511 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103626"
},
{
"name": "44653",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44653/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0980",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0980"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0980",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8227 (GCVE-0-2018-8227)
Vulnerability from cvelistv5
Published
2018-06-14 12:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8229.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8227"
},
{
"name": "104368",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104368"
},
{
"name": "1041097",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8229."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-15T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8227"
},
{
"name": "104368",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104368"
},
{
"name": "1041097",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041097"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8229."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8227",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8227"
},
{
"name": "104368",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104368"
},
{
"name": "1041097",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041097"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8227",
"datePublished": "2018-06-14T12:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-17054 (GCVE-0-2020-17054)
Vulnerability from cvelistv5
Published
2020-11-11 06:48
Modified
2024-10-01 15:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:53:16.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17054"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-17054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-27T17:05:49.568986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T15:56:26.294Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 10 Version 20H2 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:51:58.998Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17054"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-17054",
"datePublished": "2020-11-11T06:48:19",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2024-10-01T15:56:26.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8384 (GCVE-0-2018-8384)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8381.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104981",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104981"
},
{
"name": "45431",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45431/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8381."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-20T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104981",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104981"
},
{
"name": "45431",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45431/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8381."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104981",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104981"
},
{
"name": "45431",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45431/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8384",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8385 (GCVE-0-2018-8385)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Internet Explorer 9 |
Version: Windows Server 2008 for 32-bit Systems Service Pack 2 Version: Windows Server 2008 for x64-based Systems Service Pack 2 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "105039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Internet Explorer 9",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "Windows Server 2008 for x64-based Systems Service Pack 2"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "105039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105039"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Internet Explorer 9",
"version": {
"version_data": [
{
"version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "Windows Server 2008 for x64-based Systems Service Pack 2"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Internet Explorer 10",
"version": {
"version_data": [
{
"version_value": "Windows Server 2012"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385"
},
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "105039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8385",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8290 (GCVE-0-2018-8290)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8294.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104644",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104644"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8294."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104644",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104644"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8294."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104644",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104644"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8290",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8557 (GCVE-0-2018-8557)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8588.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8557"
},
{
"name": "105780",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105780"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8588."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8557"
},
{
"name": "105780",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105780"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8588."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8557",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8557"
},
{
"name": "105780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105780"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8557",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1180 (GCVE-0-2020-1180)
Vulnerability from cvelistv5
Published
2020-09-11 17:09
Modified
2024-08-04 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.</p>
<p>If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.</p>
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:25:01.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-09-08T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "\u003cp\u003eA remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\u003c/p\u003e\n\u003cp\u003eIf the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\u003c/p\u003e\n\u003cp\u003eThe security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.\u003c/p\u003e\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-31T21:34:47.788Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1180"
}
],
"title": "Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1180",
"datePublished": "2020-09-11T17:09:05",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:25:01.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8178 (GCVE-0-2018-8178)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104076",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104076"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8178"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \"Microsoft Browser Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104076",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104076"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8178"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \"Microsoft Browser Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104076"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8178",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8178"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8178",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8467 (GCVE-0-2018-8467)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45572",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45572/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8467"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105244",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "45572",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45572/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8467"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105244",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105244"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45572",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45572/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8467",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8467"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105244"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8467",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8133 (GCVE-0-2018-8133)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103982",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103982"
},
{
"name": "44817",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44817/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8133"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-02T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103982",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103982"
},
{
"name": "44817",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44817/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8133"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8145, CVE-2018-8177."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103982"
},
{
"name": "44817",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44817/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8133",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8133"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8133",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1196 (GCVE-0-2019-1196)
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T19:06:29.553497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T19:06:36.825Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1196"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:38.358Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1196"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1196",
"datePublished": "2019-08-14T20:55:05",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:29.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8276 (GCVE-0-2018-8276)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Security Feature Bypass
Summary
A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka "Scripting Engine Security Feature Bypass Vulnerability." This affects Microsoft Edge, ChakraCore.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104626"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka \"Scripting Engine Security Feature Bypass Vulnerability.\" This affects Microsoft Edge, ChakraCore."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Feature Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104626"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka \"Scripting Engine Security Feature Bypass Vulnerability.\" This affects Microsoft Edge, ChakraCore."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Feature Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104626"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8276",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8372 (GCVE-0-2018-8372)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105038",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105038"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105038",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105038"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105038",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105038"
},
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8372",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1366 (GCVE-0-2019-1366)
Vulnerability from cvelistv5
Published
2019-10-10 13:28
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:30.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1366"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-10T13:28:42",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1366"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1307, CVE-2019-1308, CVE-2019-1335."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1366",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1366"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1366",
"datePublished": "2019-10-10T13:28:42",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:30.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0826 (GCVE-0-2020-0826)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0826"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:31",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0826"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0826",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0826"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0826",
"datePublished": "2020-03-12T15:48:31",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0831 (GCVE-0-2020-0831)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0831"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:33",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0831"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0831",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0831"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0831",
"datePublished": "2020-03-12T15:48:33",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0739 (GCVE-0-2019-0739)
Vulnerability from cvelistv5
Published
2019-04-09 20:15
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:57.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739"
},
{
"name": "107708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107708"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T21:06:05",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739"
},
{
"name": "107708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107708"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0752, CVE-2019-0753, CVE-2019-0862."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0739"
},
{
"name": "107708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107708"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0739",
"datePublished": "2019-04-09T20:15:16",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:57.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0933 (GCVE-0-2019-0933)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:59:00.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:03",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0933"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0933",
"datePublished": "2019-05-16T18:17:03",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:59:00.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1106 (GCVE-0-2019-1106)
Vulnerability from cvelistv5
Published
2019-07-29 14:08
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-29T14:08:07",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1106",
"datePublished": "2019-07-29T14:08:07",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0953 (GCVE-0-2018-0953)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103990",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103990"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0953"
},
{
"name": "44694",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44694/"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-24T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103990",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103990"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0953"
},
{
"name": "44694",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44694/"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103990",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103990"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0953",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0953"
},
{
"name": "44694",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44694/"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0953",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8500 (GCVE-0-2018-8500)
Vulnerability from cvelistv5
Published
2018-10-10 13:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105463",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105463"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105463",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105463"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105463",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105463"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8500",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8500",
"datePublished": "2018-10-10T13:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1427 (GCVE-0-2019-1427)
Vulnerability from cvelistv5
Published
2019-11-12 18:53
Modified
2024-08-04 18:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems |
Version: unspecified |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T18:53:09",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1427",
"datePublished": "2019-11-12T18:53:09",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:20:27.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1057 (GCVE-0-2020-1057)
Vulnerability from cvelistv5
Published
2020-09-11 17:08
Modified
2024-08-04 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
<p>A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.</p>
<p>If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.</p>
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:25:00.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1057"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-09-08T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "\u003cp\u003eA remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.\u003c/p\u003e\n\u003cp\u003eIf the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\u003c/p\u003e\n\u003cp\u003eThe security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.\u003c/p\u003e\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-31T21:34:38.966Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1057"
}
],
"title": "Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1057",
"datePublished": "2020-09-11T17:08:56",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:25:00.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0591 (GCVE-0-2019-0591)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591"
},
{
"name": "106935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106935"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591"
},
{
"name": "106935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106935"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591"
},
{
"name": "106935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106935"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0591",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1300 (GCVE-0-2019-1300)
Vulnerability from cvelistv5
Published
2019-09-11 21:25
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:30.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T21:25:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1300",
"datePublished": "2019-09-11T21:25:01",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:30.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0970 (GCVE-0-2020-0970)
Vulnerability from cvelistv5
Published
2020-04-15 15:13
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0968.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0970"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0968."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-15T15:13:08",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0970"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0968."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0970",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0970"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0970",
"datePublished": "2020-04-15T15:13:08",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8466 (GCVE-0-2018-8466)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45571",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45571/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8466"
},
{
"name": "105243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105243"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "45571",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45571/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8466"
},
{
"name": "105243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105243"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45571",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45571/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8466",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8466"
},
{
"name": "105243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105243"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8466",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8473 (GCVE-0-2018-8473)
Vulnerability from cvelistv5
Published
2018-10-10 13:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8473"
},
{
"name": "105459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105459"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8473"
},
{
"name": "105459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105459"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8473",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8473"
},
{
"name": "105459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105459"
},
{
"name": "1041825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8473",
"datePublished": "2018-10-10T13:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8355 (GCVE-0-2018-8355)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:35.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355"
},
{
"name": "104978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104978"
},
{
"name": "45432",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45432/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-20T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355"
},
{
"name": "104978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104978"
},
{
"name": "45432",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45432/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355"
},
{
"name": "104978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104978"
},
{
"name": "45432",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45432/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8355",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:35.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8513 (GCVE-0-2018-8513)
Vulnerability from cvelistv5
Published
2018-10-10 13:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8511.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:24.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105473"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8513"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8511."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105473"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8513"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8511."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105473"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8513",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8513"
},
{
"name": "1041825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8513",
"datePublished": "2018-10-10T13:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:24.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1001 (GCVE-0-2019-1001)
Vulnerability from cvelistv5
Published
2019-07-15 18:56
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Internet Explorer 11 |
Version: Windows 7 for 32-bit Systems Service Pack 1 Version: Windows 7 for x64-based Systems Service Pack 1 Version: Windows Server 2008 R2 for x64-based Systems Service Pack 1 Version: Windows 8.1 for 32-bit systems Version: Windows 8.1 for x64-based systems Version: Windows Server 2012 R2 Version: Windows RT 8.1 Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Internet Explorer 11 on Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-15T18:56:19",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows Server 2012",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1001",
"datePublished": "2019-07-15T18:56:20",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0827 (GCVE-0-2020-0827)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0827"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:31",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0827"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0827",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0827"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0827",
"datePublished": "2020-03-12T15:48:31",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1023 (GCVE-0-2019-1023)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
In a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site.
The security update addresses the vulnerability by changing how the scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user\u2019s system.\nIn a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker\u0027s site.\nThe security update addresses the vulnerability by changing how the scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:50:08.170Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Scripting Engine Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1023"
}
],
"title": "Scripting Engine Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1023",
"datePublished": "2019-06-12T13:49:40",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:50:08.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8315 (GCVE-0-2018-8315)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:35.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8315"
},
{
"name": "105251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105251"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka \"Microsoft Scripting Engine Information Disclosure Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8315"
},
{
"name": "105251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105251"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Internet Explorer 10",
"version": {
"version_data": [
{
"version_value": "Windows Server 2012"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka \"Microsoft Scripting Engine Information Disclosure Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8315",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8315"
},
{
"name": "105251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105251"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8315",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:35.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1219 (GCVE-0-2020-1219)
Vulnerability from cvelistv5
Published
2020-06-09 19:43
Modified
2024-08-04 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:31:59.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-698/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T20:06:08",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-698/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-1219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows Server 2012",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-698/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-698/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1219",
"datePublished": "2020-06-09T19:43:29",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:31:59.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1019 (GCVE-0-2018-1019)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103633",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103633"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103633",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103633"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-1019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103633"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1019",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-1019",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8542 (GCVE-0-2018-8542)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105772",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105772"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8542"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105772",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105772"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8542"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105772"
},
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8542",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8542"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8542",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0768 (GCVE-0-2020-0768)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0768"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:07",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0768"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows Server 2012",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0768",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0768"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0768",
"datePublished": "2020-03-12T15:48:07",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0861 (GCVE-0-2019-0861)
Vulnerability from cvelistv5
Published
2019-04-09 20:19
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861"
},
{
"name": "107724",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107724"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T21:06:05",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861"
},
{
"name": "107724",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107724"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0861",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861"
},
{
"name": "107724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107724"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0861",
"datePublished": "2019-04-09T20:19:48",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0806 (GCVE-0-2019-0806)
Vulnerability from cvelistv5
Published
2019-04-09 20:16
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T20:16:25",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0806"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0806",
"datePublished": "2019-04-09T20:16:25",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0658 (GCVE-0-2019-0658)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658"
},
{
"name": "106882",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106882"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0648."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658"
},
{
"name": "106882",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106882"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-0648."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658"
},
{
"name": "106882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106882"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0658",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8505 (GCVE-0-2018-8505)
Vulnerability from cvelistv5
Published
2018-10-10 13:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105468"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041825"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8505"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105468"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041825"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8505"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105468"
},
{
"name": "1041825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041825"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8505",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8505"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8505",
"datePublished": "2018-10-10T13:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8266 (GCVE-0-2018-8266)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104977",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104977"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104977",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104977"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104977",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104977"
},
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8266",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8354 (GCVE-0-2018-8354)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8391, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:35.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105232",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105232"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8354"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8391, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105232",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105232"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8354"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8391, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105232",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105232"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8354",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8354"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8354",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:35.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0652 (GCVE-0-2019-0652)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106903"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106903"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106903"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0652",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1073 (GCVE-0-2020-1073)
Vulnerability from cvelistv5
Published
2020-06-09 19:43
Modified
2024-08-04 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:25:00.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T19:43:15",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-1073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1073",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-1073",
"datePublished": "2020-06-09T19:43:15",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:25:00.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0823 (GCVE-0-2020-0823)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0823"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:29",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0823"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0823",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0823"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0823",
"datePublished": "2020-03-12T15:48:29",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8177 (GCVE-0-2018-8177)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8145.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8177"
},
{
"name": "104090",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104090"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8145."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8177"
},
{
"name": "104090",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104090"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8145."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8177",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8177"
},
{
"name": "104090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104090"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8177",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0651 (GCVE-0-2019-0651)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106902",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106902"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106902",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106902"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106902"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0651",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8624 (GCVE-0-2018-8624)
Vulnerability from cvelistv5
Published
2018-12-12 00:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8629.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106114",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106114"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8629."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106114",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106114"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8629."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106114",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106114"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8624",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8624",
"datePublished": "2018-12-12T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8452 (GCVE-0-2018-8452)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452"
},
{
"name": "105252",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105252"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka \"Scripting Engine Information Disclosure Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452"
},
{
"name": "105252",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105252"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka \"Scripting Engine Information Disclosure Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8452"
},
{
"name": "105252",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105252"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8452",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0927 (GCVE-0-2019-0927)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0927"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0927",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1308 (GCVE-0-2019-1308)
Vulnerability from cvelistv5
Published
2019-10-10 13:28
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:30.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-10T13:28:40",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1308",
"datePublished": "2019-10-10T13:28:40",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:30.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-17048 (GCVE-0-2020-17048)
Vulnerability from cvelistv5
Published
2020-11-11 06:48
Modified
2024-09-10 15:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:34.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17048"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 20H2 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:51:56.146Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17048"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-17048",
"datePublished": "2020-11-11T06:48:17",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2024-09-10T15:51:56.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8283 (GCVE-0-2018-8283)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:35.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283"
},
{
"name": "104633",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283"
},
{
"name": "104633",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8283",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283"
},
{
"name": "104633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8283",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:35.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8279 (GCVE-0-2018-8279)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104641",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104641"
},
{
"name": "45214",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45214/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-19T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104641",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104641"
},
{
"name": "45214",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45214/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8279",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8301."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104641",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104641"
},
{
"name": "45214",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45214/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8279",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1052 (GCVE-0-2019-1052)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) |
Version: 1.0..0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ChakraCore"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:50:19.850Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1052"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1052",
"datePublished": "2019-06-12T13:49:41",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:50:19.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8503 (GCVE-0-2018-8503)
Vulnerability from cvelistv5
Published
2018-10-10 13:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8505, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041825"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8503"
},
{
"name": "105464",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105464"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8505, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041825"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8503"
},
{
"name": "105464",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105464"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8505, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041825"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8503",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8503"
},
{
"name": "105464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105464"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8503",
"datePublished": "2018-10-10T13:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0995 (GCVE-0-2018-0995)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-1019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1511 for 32-bit Systems Version: Windows 10 Version 1511 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103631",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103631"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0995"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-1019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103631",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103631"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0995"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1511 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-1019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103631"
},
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0995",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0995"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0995",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0590 (GCVE-0-2019-0590)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106934"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0590",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0828 (GCVE-0-2020-0828)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0828"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:32",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0828"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0828",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0828"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0828",
"datePublished": "2020-03-12T15:48:32",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1022 (GCVE-0-2018-1022)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103978",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103978"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103978",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103978"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-1022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103978"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-1022",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1307 (GCVE-0-2019-1307)
Vulnerability from cvelistv5
Published
2019-10-10 13:28
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:30.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-10T13:28:40",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1307",
"datePublished": "2019-10-10T13:28:40",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:30.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8291 (GCVE-0-2018-8291)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104637"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "1041258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291"
},
{
"name": "45215",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45215/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-19T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104637"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "1041258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291"
},
{
"name": "45215",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45215/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104637"
},
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "1041258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041258"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291"
},
{
"name": "45215",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45215/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8291",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1140 (GCVE-0-2019-1140)
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T16:40:43.823511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T16:40:58.341Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1140"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:29.216Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1140"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1140",
"datePublished": "2019-08-14T20:55:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8128 (GCVE-0-2018-8128)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8137, CVE-2018-8139.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8128"
},
{
"name": "103979",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103979"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8137, CVE-2018-8139."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8128"
},
{
"name": "103979",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103979"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8137, CVE-2018-8139."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8128",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8128"
},
{
"name": "103979",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103979"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8128",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0813 (GCVE-0-2020-0813)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory., aka 'Scripting Engine Information Disclosure Vulnerability'.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0813"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user\u00e2\u20ac\u2122s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory., aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:26",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0813"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user\u00e2\u20ac\u2122s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory., aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0813",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0813"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0813",
"datePublished": "2020-03-12T15:48:26",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8286 (GCVE-0-2018-8286)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290, CVE-2018-8294.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104643",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104643"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290, CVE-2018-8294."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104643",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104643"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8290, CVE-2018-8294."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104643",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104643"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8286",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8280 (GCVE-0-2018-8280)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280"
},
{
"name": "104642",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104642"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280"
},
{
"name": "104642",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104642"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280"
},
{
"name": "104642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104642"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8280",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1197 (GCVE-0-2019-1197)
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T19:05:12.976030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T19:05:19.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1197"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:38.863Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1197"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1197",
"datePublished": "2019-08-14T20:55:05",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:29.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1217 (GCVE-0-2019-1217)
Vulnerability from cvelistv5
Published
2019-09-11 21:24
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T21:24:58",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1237, CVE-2019-1298, CVE-2019-1300."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1217",
"datePublished": "2019-09-11T21:24:58",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:29.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0746 (GCVE-0-2019-0746)
Vulnerability from cvelistv5
Published
2019-04-08 23:37
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Internet Explorer 9 |
Version: Windows Server 2008 for 32-bit Systems Service Pack 2 Version: Windows Server 2008 for x64-based Systems Service Pack 2 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:57.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Internet Explorer 9",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "Windows Server 2008 for x64-based Systems Service Pack 2"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-08T23:37:34",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Internet Explorer 9",
"version": {
"version_data": [
{
"version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "Windows Server 2008 for x64-based Systems Service Pack 2"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
}
]
}
},
{
"product_name": "Internet Explorer 10",
"version": {
"version_data": [
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows Server 2012"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \u0027Scripting Engine Information Disclosure Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0746",
"datePublished": "2019-04-08T23:37:34",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:57.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0644 (GCVE-0-2019-0644)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106889",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106889"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106889",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106889"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106889",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106889"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0644",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0771 (GCVE-0-2019-0771)
Vulnerability from cvelistv5
Published
2019-04-09 02:19
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:57.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T02:19:20",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0771",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0771",
"datePublished": "2019-04-09T02:19:20",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:57.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0946 (GCVE-0-2018-0946)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44758",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44758/"
},
{
"name": "103989",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103989"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0946"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-27T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "44758",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44758/"
},
{
"name": "103989",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103989"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0946"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44758",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44758/"
},
{
"name": "103989",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103989"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0946",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0946"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0946",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8288 (GCVE-0-2018-8288)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:34.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45213",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45213/"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104636",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104636"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288"
},
{
"name": "1041258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-19T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "45213",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45213/"
},
{
"name": "1041256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104636",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104636"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288"
},
{
"name": "1041258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45213",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45213/"
},
{
"name": "1041256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041256"
},
{
"name": "104636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104636"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288"
},
{
"name": "1041258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8288",
"datePublished": "2018-07-11T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:34.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8145 (GCVE-0-2018-8145)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: ChakraCore |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8145"
},
{
"name": "45011",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45011/"
},
{
"name": "103986",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103986"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user\u0027s computer or data, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8145"
},
{
"name": "45011",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45011/"
},
{
"name": "103986",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103986"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "Internet Explorer 10",
"version": {
"version_data": [
{
"version_value": "Windows Server 2012"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user\u0027s computer or data, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0943, CVE-2018-8130, CVE-2018-8133, CVE-2018-8177."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8145",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8145"
},
{
"name": "45011",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45011/"
},
{
"name": "103986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103986"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8145",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8381 (GCVE-0-2018-8381)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8384.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104980"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8384."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104980"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8380, CVE-2018-8384."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104980"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8381",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0860 (GCVE-0-2019-0860)
Vulnerability from cvelistv5
Published
2019-04-09 20:19
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860"
},
{
"name": "107722",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107722"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T21:06:06",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860"
},
{
"name": "107722",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107722"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812, CVE-2019-0829, CVE-2019-0861."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0860"
},
{
"name": "107722",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107722"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0860",
"datePublished": "2019-04-09T20:19:48",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8243 (GCVE-0-2018-8243)
Vulnerability from cvelistv5
Published
2018-06-14 12:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8267.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8243"
},
{
"name": "104403",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104403"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8267."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-15T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8243"
},
{
"name": "104403",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104403"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8267."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8243",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8243"
},
{
"name": "104403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104403"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8243",
"datePublished": "2018-06-14T12:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8390 (GCVE-0-2018-8390)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "105041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105041"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "105041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105041"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "105041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105041"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8390",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0609 (GCVE-0-2019-0609)
Vulnerability from cvelistv5
Published
2019-04-08 22:31
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Internet Explorer 11 |
Version: Windows 7 for 32-bit Systems Service Pack 1 Version: Windows 7 for x64-based Systems Service Pack 1 Version: Windows Server 2008 R2 for x64-based Systems Service Pack 1 Version: Windows 8.1 for 32-bit systems Version: Windows 8.1 for x64-based systems Version: Windows Server 2012 R2 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2019"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-08T22:31:49",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0609",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows Server 2012 R2"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "Windows Server 2019"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0609",
"datePublished": "2019-04-08T22:31:49",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8541 (GCVE-0-2018-8541)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105771",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105771"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8541"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105771",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105771"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8541"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105771",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105771"
},
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8541",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8541"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8541",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8367 (GCVE-0-2018-8367)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8465, CVE-2018-8466, CVE-2018-8467.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8367"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105245",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105245"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8465, CVE-2018-8466, CVE-2018-8467."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8367"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105245",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105245"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8465, CVE-2018-8466, CVE-2018-8467."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8367",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8367"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105245",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105245"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8367",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0655 (GCVE-0-2019-0655)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106912"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0655",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0914 (GCVE-0-2019-0914)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0914"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0914",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1024 (GCVE-0-2019-1024)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"ChakraCore"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:50:08.832Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1024"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1024",
"datePublished": "2019-06-12T13:49:40",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:50:08.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8298 (GCVE-0-2018-8298)
Vulnerability from cvelistv5
Published
2018-07-11 00:00
Modified
2025-10-21 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298"
},
{
"name": "104639",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104639"
},
{
"name": "45217",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45217/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-8298",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:26:02.663829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8298"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:49.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8298"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-03T00:00:00+00:00",
"value": "CVE-2018-8298 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-19T09:57:02.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298"
},
{
"name": "104639",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104639"
},
{
"name": "45217",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45217/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298"
},
{
"name": "104639",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104639"
},
{
"name": "45217",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45217/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8298",
"datePublished": "2018-07-11T00:00:00.000Z",
"dateReserved": "2018-03-14T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:49.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1237 (GCVE-0-2019-1237)
Vulnerability from cvelistv5
Published
2019-09-11 21:24
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1298, CVE-2019-1300.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows Server 2016 |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1298, CVE-2019-1300."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T21:24:58",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1298, CVE-2019-1300."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1237"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1237",
"datePublished": "2019-09-11T21:24:58",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:29.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0994 (GCVE-0-2018-0994)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0995, CVE-2018-1019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1511 for 32-bit Systems Version: Windows 10 Version 1511 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0994"
},
{
"name": "103630",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0995, CVE-2018-1019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0994"
},
{
"name": "103630",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103630"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1511 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0995, CVE-2018-1019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0994",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0994"
},
{
"name": "103630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103630"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0994",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0878 (GCVE-0-2020-0878)
Vulnerability from cvelistv5
Published
2020-09-11 17:08
Modified
2025-10-21 23:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
<p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.</p>
<p>The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.</p>
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0878"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-0878",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:21:10.302219Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0878"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:36.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0878"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2020-0878 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"product": "Internet Explorer 9",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 7 for 32-bit Systems Service Pack 1",
"Windows 7 for x64-based Systems Service Pack 1",
"Windows 8.1 for 32-bit systems",
"Windows 8.1 for x64-based systems",
"Windows RT 8.1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2012",
"Windows Server 2012 R2"
],
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-09-08T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "\u003cp\u003eA remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\u003c/p\u003e\n\u003cp\u003eAn attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.\u003c/p\u003e\n\u003cp\u003eThe security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.\u003c/p\u003e\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-31T21:34:24.471Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0878"
}
],
"title": "Microsoft Browser Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0878",
"datePublished": "2020-09-11T17:08:26.000Z",
"dateReserved": "2019-11-04T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:36.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8556 (GCVE-0-2018-8556)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8557, CVE-2018-8588.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105779",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105779"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8556"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8557, CVE-2018-8588."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105779",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105779"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8556"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8557, CVE-2018-8588."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105779",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105779"
},
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8556",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8556"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8556",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0593 (GCVE-0-2019-0593)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106936"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106936"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106936"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0593",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:27.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8229 (GCVE-0-2018-8229)
Vulnerability from cvelistv5
Published
2018-06-14 12:00
Modified
2024-08-05 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:46:13.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104369"
},
{
"name": "45013",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45013/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229"
},
{
"name": "1041097",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "104369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104369"
},
{
"name": "45013",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45013/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229"
},
{
"name": "1041097",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041097"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8229",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104369"
},
{
"name": "45013",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45013/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8229"
},
{
"name": "1041097",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041097"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8229",
"datePublished": "2018-06-14T12:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:46:13.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8555 (GCVE-0-2018-8555)
Vulnerability from cvelistv5
Published
2018-11-14 01:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:24.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105775",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105775"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8555"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105775",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105775"
},
{
"name": "1042107",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042107"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8555"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105775"
},
{
"name": "1042107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042107"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8555",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8555"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8555",
"datePublished": "2018-11-14T01:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:24.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0922 (GCVE-0-2019-0922)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0922"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0922",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1298 (GCVE-0-2019-1298)
Vulnerability from cvelistv5
Published
2019-09-11 21:25
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1300.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows Server 2016 |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1300."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T21:25:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1300."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1298"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1298",
"datePublished": "2019-09-11T21:25:01",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:29.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0943 (GCVE-0-2018-0943)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8130, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103980"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0943"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8130, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103980"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0943"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8130, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103980"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0943",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0943"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0943",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0830 (GCVE-0-2020-0830)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0830"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:33",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0830"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2012 R2"
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows Server 2012",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0830",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0830"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0830",
"datePublished": "2020-03-12T15:48:33",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1092 (GCVE-0-2019-1092)
Vulnerability from cvelistv5
Published
2019-07-15 18:56
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-15T18:56:21",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1092",
"datePublished": "2019-07-15T18:56:21",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0937 (GCVE-0-2019-0937)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:03",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0937",
"datePublished": "2019-05-16T18:17:03",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8510 (GCVE-0-2018-8510)
Vulnerability from cvelistv5
Published
2018-10-10 13:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8511, CVE-2018-8513.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:24.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105470",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105470"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8510"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8511, CVE-2018-8513."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "105470",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105470"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8510"
},
{
"name": "1041825",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8511, CVE-2018-8513."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105470",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105470"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8510",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8510"
},
{
"name": "1041825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8510",
"datePublished": "2018-10-10T13:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:24.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0924 (GCVE-0-2019-0924)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0924"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0924",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0969 (GCVE-0-2020-0969)
Vulnerability from cvelistv5
Published
2020-04-15 15:13
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0969"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-15T15:13:08",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0969"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0969",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0969"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0969",
"datePublished": "2020-04-15T15:13:08",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1131 (GCVE-0-2019-1131)
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:27.711Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1131"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1131",
"datePublished": "2019-08-14T20:55:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8456 (GCVE-0-2018-8456)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8457, CVE-2018-8459.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8456"
},
{
"name": "105227",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105227"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8457, CVE-2018-8459."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8456"
},
{
"name": "105227",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105227"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8457, CVE-2018-8459."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8456",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8456"
},
{
"name": "105227",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105227"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8456",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1141 (GCVE-0-2019-1141)
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:29.703Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1141"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1141",
"datePublished": "2019-08-14T20:55:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0913 (GCVE-0-2019-0913)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0913",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0913"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0913",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8617 (GCVE-0-2018-8617)
Vulnerability from cvelistv5
Published
2018-12-12 00:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106112",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106112"
},
{
"name": "46202",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46202/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8617"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-19T10:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106112",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106112"
},
{
"name": "46202",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46202/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8617"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106112",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106112"
},
{
"name": "46202",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46202/"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8617",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8617"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8617",
"datePublished": "2018-12-12T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0990 (GCVE-0-2018-0990)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1511 for 32-bit Systems Version: Windows 10 Version 1511 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0990"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103604",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103604"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0990"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103604",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103604"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1511 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0990",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0990"
},
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103604"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0990",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0911 (GCVE-0-2019-0911)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Internet Explorer 11 |
Version: Windows 7 for 32-bit Systems Service Pack 1 Version: Windows 7 for x64-based Systems Service Pack 1 Version: Windows Server 2008 R2 for x64-based Systems Service Pack 1 Version: Windows 8.1 for 32-bit systems Version: Windows 8.1 for x64-based systems Version: Windows Server 2012 R2 Version: Windows RT 8.1 Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "Windows 8.1 for 32-bit systems"
},
{
"status": "affected",
"version": "Windows 8.1 for x64-based systems"
},
{
"status": "affected",
"version": "Windows Server 2012 R2"
},
{
"status": "affected",
"version": "Windows RT 8.1"
},
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Internet Explorer 11 on Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Internet Explorer 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows Server 2012"
}
]
},
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Internet Explorer 11",
"version": {
"version_data": [
{
"version_value": "Windows 7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "Windows 7 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "Windows 8.1 for 32-bit systems"
},
{
"version_value": "Windows 8.1 for x64-based systems"
},
{
"version_value": "Windows Server 2012 R2"
},
{
"version_value": "Windows RT 8.1"
},
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows Server 2012",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Internet Explorer 10",
"version": {
"version_data": [
{
"version_value": "Windows Server 2012"
}
]
}
},
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0911",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0710 (GCVE-0-2020-0710)
Vulnerability from cvelistv5
Published
2020-02-11 21:23
Modified
2024-08-04 06:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T21:23:07",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0710",
"datePublished": "2020-02-11T21:23:07",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1428 (GCVE-0-2019-1428)
Vulnerability from cvelistv5
Published
2019-11-12 18:53
Modified
2024-08-04 18:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows Server 2016 |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:27.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T18:53:10",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1428",
"datePublished": "2019-11-12T18:53:10",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:20:27.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0989 (GCVE-0-2019-0989)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) |
Version: 1.0..0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:30.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0989"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ChakraCore"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:49:38.702Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0989"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0989",
"datePublished": "2019-06-12T13:49:39",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:49:38.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0916 (GCVE-0-2019-0916)
Vulnerability from cvelistv5
Published
2019-05-16 18:17
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-16T18:17:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933, CVE-2019-0937."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0916"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0916",
"datePublished": "2019-05-16T18:17:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0848 (GCVE-0-2020-0848)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0848"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:39",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0848"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0848",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0848"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0848",
"datePublished": "2020-03-12T15:48:39",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0945 (GCVE-0-2018-0945)
Vulnerability from cvelistv5
Published
2018-05-09 19:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0945"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "103987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0945"
},
{
"name": "1040844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040844"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-0945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103987"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0945",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0945"
},
{
"name": "1040844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040844"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-0945",
"datePublished": "2018-05-09T19:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0712 (GCVE-0-2020-0712)
Vulnerability from cvelistv5
Published
2020-02-11 21:23
Modified
2024-08-04 06:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0713, CVE-2020-0767.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0713, CVE-2020-0767."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T21:23:08",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0712",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0713, CVE-2020-0767."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0712",
"datePublished": "2020-02-11T21:23:08",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1003 (GCVE-0-2019-1003)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) |
Version: 1.0..0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ChakraCore"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:50:04.611Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1003"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1003",
"datePublished": "2019-06-12T13:49:39",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:50:04.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0991 (GCVE-0-2019-0991)
Vulnerability from cvelistv5
Published
2019-06-12 13:49
Modified
2025-05-20 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) |
Version: 1.0..0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ChakraCore"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2019-06-11T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T17:50:00.952Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-0991"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0991",
"datePublished": "2019-06-12T13:49:39",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2025-05-20T17:50:00.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8618 (GCVE-0-2018-8618)
Vulnerability from cvelistv5
Published
2018-12-12 00:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8624, CVE-2018-8629.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106113",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8624, CVE-2018-8629."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "106113",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8624, CVE-2018-8629."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106113",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106113"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8618",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8618",
"datePublished": "2018-12-12T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8391 (GCVE-0-2018-8391)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8391"
},
{
"name": "105231",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105231"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8391"
},
{
"name": "105231",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105231"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8391",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8391"
},
{
"name": "105231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105231"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8391",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-17131 (GCVE-0-2020-17131)
Vulnerability from cvelistv5
Published
2020-12-09 23:36
Modified
2025-08-28 22:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Chakra Scripting Engine Memory Corruption Vulnerability
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:53:16.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 10 Version 20H2 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"versionEndExcluding": "publication",
"versionStartIncluding": "1.0..0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2020-12-08T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T22:23:46.637Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Chakra Scripting Engine Memory Corruption Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17131"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-17131",
"datePublished": "2020-12-09T23:36:50",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2025-08-28T22:23:46.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8359 (GCVE-0-2018-8359)
Vulnerability from cvelistv5
Published
2018-08-15 17:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | ChakraCore |
Version: ChakraCore |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:35.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104990",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104990"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359"
},
{
"name": "1041457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104990",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104990"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359"
},
{
"name": "1041457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041457"
},
{
"name": "104990",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104990"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8359",
"datePublished": "2018-08-15T17:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:35.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0611 (GCVE-0-2019-0611)
Vulnerability from cvelistv5
Published
2019-04-08 22:33
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0592."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-08T22:33:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0592."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0611"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0611",
"datePublished": "2019-04-08T22:33:02",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0811 (GCVE-0-2020-0811)
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0812.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:18:03.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0812."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-12T15:48:25",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0811"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0812."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0811",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0811"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0811",
"datePublished": "2020-03-12T15:48:25",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:18:03.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0812 (GCVE-0-2019-0812)
Vulnerability from cvelistv5
Published
2019-04-09 20:16
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:59.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T20:16:25",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0812",
"datePublished": "2019-04-09T20:16:25",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:59.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0640 (GCVE-0-2019-0640)
Vulnerability from cvelistv5
Published
2019-03-06 00:00
Modified
2024-08-04 17:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:26.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640"
},
{
"name": "106910",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-06T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640"
},
{
"name": "106910",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106910"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640"
},
{
"name": "106910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106910"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0640",
"datePublished": "2019-03-06T00:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:51:26.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1426 (GCVE-0-2019-1426)
Vulnerability from cvelistv5
Published
2019-11-12 18:53
Modified
2024-08-04 18:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems |
Version: unspecified |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:26.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T18:53:09",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1426",
"datePublished": "2019-11-12T18:53:09",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:20:26.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8629 (GCVE-0-2018-8629)
Vulnerability from cvelistv5
Published
2018-12-12 00:00
Modified
2024-08-05 07:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8624.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for ARM64-based Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows Server 2016 Version: Windows Server 2019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:25.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8629"
},
{
"name": "106115",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106115"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows Server 2019"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8624."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-12T10:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8629"
},
{
"name": "106115",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106115"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8629",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows Server 2019"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8624."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8629",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8629"
},
{
"name": "106115",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106115"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8629",
"datePublished": "2018-12-12T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T07:02:25.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1195 (GCVE-0-2019-1195)
Vulnerability from cvelistv5
Published
2019-08-14 20:55
Modified
2024-08-04 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: 0 < publication cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:13:29.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1195"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:chakracore:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1703 for 32-bit Systems",
"Windows 10 Version 1703 for x64-based Systems",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1709 for 32-bit Systems",
"Windows 10 Version 1709 for x64-based Systems",
"Windows 10 Version 1709 for ARM64-based Systems",
"Windows 10 Version 1903 for 32-bit Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"product": "Microsoft Edge (EdgeHTML-based)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "1.0..0",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-08-13T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge (HTML-based) and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T16:50:37.860Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1195"
}
],
"title": "Chakra Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1195",
"datePublished": "2019-08-14T20:55:04",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:13:29.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0713 (GCVE-0-2020-0713)
Vulnerability from cvelistv5
Published
2020-02-11 21:23
Modified
2024-08-04 06:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | ChakraCore |
Version: unspecified |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T21:23:08",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0713",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2019",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows Server 2016",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0713",
"datePublished": "2020-02-11T21:23:08",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0769 (GCVE-0-2019-0769)
Vulnerability from cvelistv5
Published
2019-04-09 01:36
Modified
2024-08-04 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:58:58.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T01:36:44",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \u0027Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0769"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0769",
"datePublished": "2019-04-09T01:36:44",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:58:58.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1062 (GCVE-0-2019-1062)
Vulnerability from cvelistv5
Published
2019-07-15 18:56
Modified
2024-08-04 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows Server 2016 Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows 10 Version 1803 for ARM64-based Systems Version: Windows 10 Version 1809 for 32-bit Systems Version: Windows 10 Version 1809 for x64-based Systems Version: Windows 10 Version 1809 for ARM64-based Systems Version: Windows Server 2019 Version: Windows 10 Version 1709 for ARM64-based Systems |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:06:31.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2019"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-15T18:56:20",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-1062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1809 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "Windows Server 2019"
},
{
"version_value": "Windows 10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for x64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1062"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-1062",
"datePublished": "2019-07-15T18:56:20",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T18:06:31.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8465 (GCVE-0-2018-8465)
Vulnerability from cvelistv5
Published
2018-09-13 00:00
Modified
2024-08-05 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows 10 Version 1803 for 32-bit Systems Version: Windows 10 Version 1803 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:54:36.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8465"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105242",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8465"
},
{
"name": "1041623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105242",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105242"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-8465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1803 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1803 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \"Chakra Scripting Engine Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8465",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8465"
},
{
"name": "1041623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041623"
},
{
"name": "105242",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105242"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-8465",
"datePublished": "2018-09-13T00:00:00",
"dateReserved": "2018-03-14T00:00:00",
"dateUpdated": "2024-08-05T06:54:36.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1023 (GCVE-0-2018-1023)
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Microsoft Edge |
Version: Windows 10 for 32-bit Systems Version: Windows 10 for x64-based Systems Version: Windows 10 Version 1511 for 32-bit Systems Version: Windows 10 Version 1511 for x64-based Systems Version: Windows 10 Version 1607 for 32-bit Systems Version: Windows 10 Version 1607 for x64-based Systems Version: Windows 10 Version 1703 for 32-bit Systems Version: Windows 10 Version 1703 for x64-based Systems Version: Windows 10 Version 1709 for 32-bit Systems Version: Windows 10 Version 1709 for x64-based Systems Version: Windows Server 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1023"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103606"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Edge",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows 10 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1511 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Windows 10 Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Windows Server 2016"
}
]
},
{
"product": "ChakraCore",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "ChakraCore"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \"Microsoft Browser Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-12T09:57:02",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1023"
},
{
"name": "1040650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103606"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2018-1023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge",
"version": {
"version_data": [
{
"version_value": "Windows 10 for 32-bit Systems"
},
{
"version_value": "Windows 10 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1511 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1511 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1607 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1703 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1703 for x64-based Systems"
},
{
"version_value": "Windows 10 Version 1709 for 32-bit Systems"
},
{
"version_value": "Windows 10 Version 1709 for x64-based Systems"
},
{
"version_value": "Windows Server 2016"
}
]
}
},
{
"product_name": "ChakraCore",
"version": {
"version_data": [
{
"version_value": "ChakraCore"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \"Microsoft Browser Memory Corruption Vulnerability.\" This affects Microsoft Edge, ChakraCore."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1023",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1023"
},
{
"name": "1040650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040650"
},
{
"name": "103606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103606"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2018-1023",
"datePublished": "2018-04-12T01:00:00",
"dateReserved": "2017-12-01T00:00:00",
"dateUpdated": "2024-08-05T03:44:11.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}