|
|
|||
| Rule General Information |
|---|
| Release Date: | 2020-03-25 | |
| Rule Name: | Microsoft Internet Explorer toJSON callback Use-After-Free Vulnerability (CVE-2019-1429) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428. | |
| Impact: | A use-after-free vulnerability can be exploited by an attacker in the vulnerable product. Successful exploit may cause some adverse consequences, such as crash of the product, execution of arbitrary code. | |
| Affected OS: | Windows | |
| Reference: | http://packetstormsecurity.com/files/155433/Microsoft-Internet-Explorer-Use-After-Free.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1429 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2019-1429 |