CVE-2019-0639 Information
Feb 14, 2021
cve
Description
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0609 CVE-2019-0680 CVE-2019-0769 CVE-2019-0770 CVE-2019-0771 CVE-2019-0773 CVE-2019-0783.
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0639 https://www.zerodayinitiative.com/advisories/ZDI-20-122/
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.5
Share on: