Tampering Vulnerability in Microsoft Browsers
CVE-2019-0764

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Internet Explorer 9; Internet Explorer 11; Internet Explorer 10; Microsoft Edge
Vendor: CVE Published:; 9 April 2019

Summary

This vulnerability arises from improper input validation in Microsoft browsers, leading to potential manipulation of user data or browser behavior. Attackers could exploit specific conditions to tamper with the browsing experience, creating security risks for users. It is essential for users and administrators to stay informed of patches and updates provided by Microsoft to mitigate these risks.

Affected Version(s)

Internet Explorer 10 Windows Server 2012

Internet Explorer 11 Windows 7 for 32-bit Systems Service Pack 1

Internet Explorer 11 Windows 7 for x64-based Systems Service Pack 1

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

http://www.securityfocus.com/bid/107731

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 9, 2019
Vulnerability Reserved
Nov 26, 2018