Spoofing Vulnerability in Microsoft Browsers
CVE-2019-1357

4.3MEDIUM

Key Information:

Vendor: Microsoft
Status: Internet Explorer 11; Internet Explorer 11 On Windows Server 2012; Internet Explorer 11 On Windows 10 Version 1903 For 32-bit Systems; Internet Explorer 11 On Windows 10 Version 1903 For X64-based Systems
Vendor: CVE Published:; 10 October 2019

Summary

A spoofing vulnerability exists in Microsoft Browsers due to improper handling of browser cookies, potentially allowing malicious actors to impersonate users. This flaw can mislead users into interacting with deceptive content or websites, thereby exposing them to various security threats. Organizations and individuals using affected Microsoft browser versions should apply recommended patches and updates to mitigate any risks associated with this vulnerability.

Affected Version(s)

Internet Explorer 10 Windows Server 2012

Internet Explorer 11 Windows 7 for 32-bit Systems Service Pack 1

Internet Explorer 11 Windows 7 for x64-based Systems Service Pack 1

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 10, 2019
Vulnerability Reserved
Nov 26, 2018