Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2019-0940: Microsoft Browser Memory Corruption Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2019-0940: Microsoft Browser Memory Corruption Vulnerability

Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
05/14/2019
Created
05/15/2019
Added
05/14/2019
Modified
09/06/2024

Description

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

Solution(s)

  • microsoft-windows-windows_10-1507-kb4499154
  • microsoft-windows-windows_10-1607-kb4494440
  • microsoft-windows-windows_10-1703-kb4499181
  • microsoft-windows-windows_10-1709-kb4499179
  • microsoft-windows-windows_10-1803-kb4499167
  • microsoft-windows-windows_10-1809-kb4494441
  • microsoft-windows-windows_10-1903-kb4497936
  • microsoft-windows-windows_server_2012-kb4498206
  • microsoft-windows-windows_server_2012_r2-kb4498206
  • microsoft-windows-windows_server_2016-1607-kb4494440
  • microsoft-windows-windows_server_2019-1809-kb4494441
  • msft-kb4497936-10429ff2-9c14-4fb1-abdc-a105642cb1ad
  • msft-kb4498206-15ac5c73-c308-4aaa-bc8a-498b44723654
  • msft-kb4498206-25da037b-5463-4f94-97e7-aaa122795804
  • msft-kb4498206-3b70de26-5a5a-4ade-9848-f64e4f009201
  • msft-kb4498206-4acfa0b9-b9d5-4621-8140-42daf9800a4c
  • msft-kb4498206-4f2c95b8-7f51-4565-98ea-11294fffff83
  • msft-kb4498206-50bf8a7a-1389-4f46-a983-6591e168f81f
  • msft-kb4498206-562ca2b2-352f-4f4f-a7c6-7cb6ac1739a6
  • msft-kb4498206-5e93385b-c351-45dd-9da4-c7d3ac73897c
  • msft-kb4498206-7a56c07f-79dc-4e72-b2b4-720fb618f95d
  • msft-kb4498206-a0438721-f787-426f-9f36-4d986c5e71f1
  • msft-kb4498206-bde61af5-94b7-4f04-9985-2ca38351182c
  • msft-kb4498206-e7eff888-5d81-42c9-bb1f-916e7234cb91
  • msft-kb4498206-f46bed62-1970-4196-bc65-47db0e0ae12b

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;