Unrated severityCISA KEVNVD Advisory· Published Sep 23, 2019· Updated Oct 21, 2025

CVE-2019-1367

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221.

Affected products

Microsoft/Internet Explorer 9v5
Range: Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft/Internet Explorer 11v5
Range: Windows 7 for 32-bit Systems Service Pack 1
Microsoft/Internet Explorer 11 on Windows Server 2012v5
Range: unspecified
Microsoft/Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systemsv5
Range: unspecified
Microsoft/Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systemsv5
Range: unspecified
Microsoft/Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systemsv5
Range: unspecified
Microsoft/Internet Explorer 10v5
Range: Windows Server 2012

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.073
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.060