NVD - CVE-2019-0911

Vulnerability Change Records for CVE-2019-0911

Change History

Initial Analysis by NIST 5/16/2019 6:01:48 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:a:microsoft:edge:-::::::: OR cpe:2.3:o:microsoft:windows_10:-:::::::* cpe:2.3:o:microsoft:windows_10:1607:::::::* cpe:2.3:o:microsoft:windows_10:1703:::::::* cpe:2.3:o:microsoft:windows_10:1709:::::::* cpe:2.3:o:microsoft:windows_10:1803:::::::* cpe:2.3:o:microsoft:windows_10:1809:::::::* cpe:2.3:o:microsoft:windows_10:1903:::::::* cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_server_2019:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:a:microsoft:internet_explorer:10:-::::::* OR cpe:2.3:o:microsoft:windows_server_2012:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:a:microsoft:internet_explorer:11:-::::::* OR cpe:2.3:o:microsoft:windows_10:-:::::::* cpe:2.3:o:microsoft:windows_10:1607:::::::* cpe:2.3:o:microsoft:windows_10:1703:::::::* cpe:2.3:o:microsoft:windows_10:1709:::::::* cpe:2.3:o:microsoft:windows_10:1803:::::::* cpe:2.3:o:microsoft:windows_10:1809:::::::* cpe:2.3:o:microsoft:windows_10:1903:::::::* cpe:2.3:o:microsoft:windows_7:-:sp1:::::: cpe:2.3:o:microsoft:windows_8.1:-:::::::* cpe:2.3:o:microsoft:windows_rt_8.1:-:::::::* cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:* cpe:2.3:o:microsoft:windows_server_2012:-:::::::* cpe:2.3:o:microsoft:windows_server_2012:r2:::::::* cpe:2.3:o:microsoft:windows_server_2016:-:::::::* cpe:2.3:o:microsoft:windows_server_2019:-:::::::*
Added	CPE Configuration		OR cpe:2.3:a:microsoft:chakracore::::::::* versions up to (excluding) 1.11.9
Added	CVSS V2		(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism
Added	CVSS V3		AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CWE		CWE-119
Changed	Reference Type	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911 No Types Assigned	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0911 Patch, Vendor Advisory