KEVIntel
Back to KEVs
7.5
CVSS
High

CVE-2019-0752

PUBLISHED

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting...

Exploited in the wild Used in malware Remote
Vendor
Microsoft
Product
Internet Explorer 11, Internet Explorer 10
Published
Apr 09, 2019
EPSS

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.

cisa malware ransomware microsoft

CVSS scores

CVSS v3.1 7.5 High

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0 7.6

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitation status

Exploited in the wild

Recorded 2022-02-15 00:00:00 UTC · Source

Used in malware

Recorded 2022-02-15 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Feb 15, 2022

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

edxsh/CVE-2019-0752

github · Created 2020-12-18 22:53:16 UTC · 3 stars

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel