Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2019-0676

Опубликовано: 12 фев. 2019
Источник: msrc
CVSS3: 2.4
EPSS Средний

Описание

Internet Explorer Information Disclosure Vulnerability

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.

An attacker who successfully exploited this vulnerability could test for the presence of files on disk. For an attack to be successful, an attacker must persuade a user to open a malicious website.

The security update addresses the vulnerability by changing the way Internet Explorer handles objects in memory.

FAQ

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.

Обновления

ПродуктСтатьяОбновление
Internet Explorer 10 on Windows Server 2012
44870254486474
Monthly RollupIE Cumulative
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems
4487020
Security Update
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems
4487020
Security Update
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
4487017
Security Update
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
4487017
Security Update
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
4487017
Security Update
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
4487044
Security Update
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
4487044
Security Update
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
4487044
Security Update
Internet Explorer 11 on Windows Server 2019
4487044
Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

No

Exploited

Yes

Latest Software Release

Exploitation Detected

Older Software Release

Exploitation More Likely

EPSS

Процентиль: 96%
0.29573
Средний

2.4 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-0676

CVSS3: 6.5
nvd
больше 6 лет назад

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'.

github логотип

GHSA-49rq-p3m9-2cqc

CVSS3: 6.5
github
больше 3 лет назад

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'.

fstec логотип

BDU:2019-00946

CVSS3: 4.3
fstec
больше 6 лет назад

Уязвимость веб-браузера Internet Explorer, вызваная чтением за границами буфера в памяти, позволяющая нарушителю получить доступ к защищаемой информации

EPSS

Процентиль: 96%
0.29573
Средний

2.4 Low

CVSS3