CVE-2019-1428 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-1428 PUBLISHED CVSS 7.5 HIGH

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429.

EPSS 6.92% · 91.3th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

6.92%

91.3th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems	unspecified
Microsoft	ChakraCore	unspecified
microsoft	edge
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows Server 2019	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems	unspecified
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems	unspecified
microsoft	chakracore	0
Microsoft	Microsoft Edge (EdgeHTML-based) on Windows Server 2016	unspecified

Timeline

Nov 12, 2019 CVE Published
Aug 24, 2020 CVE Updated
Apr 14, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Nov 8, 2021 PoC Published
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score

References

Open in Interactive Console →