Back to KEVs

CVE-2019-0541

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution...

Basic Information

CVE State: PUBLISHED
Reserved Date: November 26, 2018
Published Date: January 08, 2019
Last Updated: February 07, 2025
Vendor: Microsoft
Product: Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office
Description: A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus.

CVSS Scores

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2021-11-03 00:00:00 UTC) Source

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0541 https://www.exploit-db.com/exploits/46536/ http://www.securityfocus.com/bid/106402

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC