Microsoft Edge – Chakra Scripting Engine Memory Corruption Vulnerability

Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge.

Threat: If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0861

 

Microsoft XML – Remote Code Execution Vulnerability

Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input.

Threat: When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0793

 

Apache – Escalation of Privilege Vulnerability

Description: Apache HTTP Server privilege escalation from modules’ scripts

Threat: Code executing in less-privileged child processes or threads could execute arbitrary code with the privileges of the parent process by manipulating the scoreboard.

Criticality: High

Update/Patch: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211

0 Comments

Submit a Comment

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Register your email to receive the latest news and updates from getNEXT.

You have Successfully Subscribed!

Share This