Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-0768

A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761.

Published

2019-04-09T02:29:00.927

Last Modified

2024-11-21T04:17:14.997

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	microsoft	internet_explorer	11	Yes
Operating System	microsoft	windows_10	1709	No
Operating System	microsoft	windows_10	1803	No
Operating System	microsoft	windows_10	1809	No
Operating System	microsoft	windows_server_2019	-	No

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768 Patch, Vendor Advisory ([email protected])
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)