Published: 08/01/2019 Updated: 28/09/2020

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet_explorer 11
microsoft excel viewer 2007
microsoft office 2019
microsoft office 365 proplus -
microsoft office 2010
microsoft office 2013
microsoft office 2016
microsoft office word viewer -
microsoft internet_explorer 9
microsoft internet_explorer 10

# Exploit Title: Microsoft Windows (CVE-2019-0541) MSHTML Engine "Edit" Remote Code Execution Vulnerability # Google Dork: N/A # Date: March, 13 2019 # Exploit Author: Eduardo Braun Prado # Vendor Homepage: wwwmicrosoftcom/ # Software Link: wwwmicrosoftcom/ # Version: Windows 7 SP1, Server 2008, Server 2012, Server 2012 R2 ...

CWE-77 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0541 http://www.securityfocus.com/bid/106402 https://www.exploit-db.com/exploits/46536/https://nvd.nist.gov https://www.exploit-db.com/exploits/46536

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-0541

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect