An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka ‘Microsoft Edge Elevation of Privilege Vulnerability’.
windows_server_2019
CVE-2019-0680
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.
CVE-2019-0634
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka ‘Microsoft Edge Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650.
CVE-2019-0639
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783.
CVE-2019-0640
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655.
CVE-2019-0641
A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka ‘Microsoft Edge Security Feature Bypass Vulnerability’.