Executive Summary

Informations
NameCVE-2019-1238First vendor Publication2019-10-10
VendorCveLast vendor Modification2019-10-11

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:S/C:C/I:C/A:C)
Cvss Base Score7.1Attack RangeNetwork
Cvss Impact Score10Attack ComplexityHigh
Cvss Expoit Score3.9AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1239.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1238

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3
Os7
Os1
Os1
Os1
Os2
Os2
Os1
Os1

Snort® IPS/IDS

DateDescription
2019-11-12Microsoft Edge VBScript engine memory corruption attempt
RuleID : 51792 - Revision : 1 - Type : BROWSER-IE
2019-11-12Microsoft Edge VBScript engine memory corruption attempt
RuleID : 51791 - Revision : 1 - Type : BROWSER-IE

Sources (Detail)

SourceUrl
MISC https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1238

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2019-10-12 00:20:55
  • Multiple Updates
2019-10-11 00:20:51
  • First insertion