Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-0612

A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

Published

2019-04-08T23:29:00.493

Last Modified

2024-11-21T04:16:57.817

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: HIGH
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

4.9

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application microsoft edge - Yes
Operating System microsoft windows_10 1703 No
Operating System microsoft windows_10 1709 No
Operating System microsoft windows_10 1803 No
Operating System microsoft windows_10 1809 No
Operating System microsoft windows_server_2019 - No
References