CVE-2019-0988: Microsoft Windows jscript9 RegExp.input Type Confusion Remote Code Execution Vulnerability
First published: Wed Jun 12 2019(Updated: )
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-1005, CVE-2019-1055, CVE-2019-1080.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows | ||
| Internet Explorer | =10 | |
| Microsoft Windows Server | ||
| Internet Explorer | =11 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT | ||
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-0988?
CVE-2019-0988 has a critical severity rating due to its potential for remote code execution.
How do I fix CVE-2019-0988?
To fix CVE-2019-0988, ensure that your Internet Explorer and other affected Microsoft products are updated with the latest security patches.
What operating systems are affected by CVE-2019-0988?
CVE-2019-0988 affects Internet Explorer versions 10 and 11 running on various Microsoft Windows operating systems.
Is CVE-2019-0988 exploit-related?
Yes, CVE-2019-0988 is exploit-related, allowing attackers to perform remote code execution via specially crafted web content.
What does the vulnerability CVE-2019-0988 affect?
CVE-2019-0988 affects the scripting engine in Internet Explorer, particularly its handling of objects in memory.
- agent/weakness
- agent/references
- agent/type
- agent/severity
- agent/author
- agent/remedy
- agent/title
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-19-723
- alias/ZDI-CAN-8609
- alias/CVE-2019-0988
- agent/software-canonical-lookup
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows
- canonical/internet explorer
- version/internet explorer/10
- canonical/microsoft windows server
- version/internet explorer/11
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- version/microsoft windows 10/1809
- version/microsoft windows 10/1903
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt
- version/microsoft windows server/r2-sp1
- version/microsoft windows server/r2
- canonical/microsoft windows server 2016
- canonical/microsoft windows server 2019