Home

CVE-2019-0995

Description

A security feature bypass vulnerability exists when urlmon.dll improperly handles certain Mark of the Web queries, aka Internet Explorer Security Feature Bypass Vulnerability.

Risk Information

Base Score
7.2
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
11.758

Associated Vulnerability

VulnerabilityOS Platform
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1709 for x86-based Systems (KB4499179)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4499179)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB4499167)Windows
Active Directory Elevation of Privilege Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4499167)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4499167)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB4494440)Windows
Active Directory Elevation of Privilege Vulnerability for Windows Server 2016 for x64-based Systems (KB4494440)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4494440)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4499181)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4499181)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB4494441)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB4494441)Windows
Active Directory Elevation of Privilege Vulnerability for Windows Server 2019 for x64-based Systems (KB4494441)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x86-based Systems (KB4497936)Windows
Active Directory Elevation of Privilege Vulnerability for Windows 10 Version 1903 for x64-based Systems (KB4497936)Windows
Jet Database Engine Remote Code Execution Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4499181)Windows
Jet Database Engine Remote Code Execution Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4499181)Windows
Jet Database Engine Remote Code Execution Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4499181)Windows
Jet Database Engine Remote Code Execution Vulnerability for Windows 10 Version 1703 for x86-based Systems (KB4499181)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-266842019-05 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4499179)
PATCH-266852019-05 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4499179)
PATCH-266862019-05 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4499167)
PATCH-266972019-05 Cumulative Update for Windows Server 2016 (1803) for x64-based Systems (KB4499167)
PATCH-266982019-05 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4499167)
PATCH-266772019-05 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4494440)
PATCH-266782019-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4494440)
PATCH-266792019-05 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4494440)
PATCH-266992019-05 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB4494441)
PATCH-267002019-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB4494441)
PATCH-267012019-05 Cumulative Update for Windows Server 2019 for x64-based Systems (KB4494441)
PATCH-267032019-05 Cumulative Update for Windows 10 Version 1903 for x86-based Systems (KB4497936)
PATCH-267042019-05 Cumulative Update for Windows 10 Version 1903 for x64-based Systems (KB4497936)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234