CVE-2019-0609

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-0609

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0609.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-0609

Aliases

GHSA-pjpj-f6r8-56rm

Withdrawn

2024-05-15T05:33:47.377830Z

Published

2019-04-08T23:29:00Z

Modified

2023-11-29T06:50:57.546252Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609

Affected packages

Git / github.com/chakra-core/chakracore

Affected ranges

Type: GIT
Repo: https://github.com/chakra-core/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

86df3a4a1add9a5b104f553e65ac5c1d24b0bf2f

Type: GIT
Repo: https://github.com/microsoft/chakracore
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

86df3a4a1add9a5b104f553e65ac5c1d24b0bf2f

Affected versions

v1.*

v1.10.0

v1.10.1

v1.10.2

v1.11.0

v1.11.1

v1.11.2

v1.11.3

v1.11.4

v1.11.5

v1.11.6

v1.2.0.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v1.7.1

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.8.0

v1.8.1

v1.8.2

v1.8.3

v1.8.4

v1.8.5