High severity7.5NVD Advisory· Published May 16, 2019· Updated Jun 17, 2026
CVE-2019-0918
CVE-2019-0918
Description
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0911.
Affected products
8Windows Server 2012+ 2 more
- (no CPE)range: Windows Server 2012
- (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
- (no CPE)range: Windows Server 2008 for 32-bit Systems Service Pack 2
- Microsoft/Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systemsv5Range: unspecified
- Microsoft/Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systemsv5Range: unspecified
- Microsoft/Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systemsv5Range: unspecified
- Microsoft/Internet Explorer 11 on Windows Server 2012v5Range: unspecified
Patches
Vulnerability mechanics
References
1- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0918nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.