CVE-2019-0752

CVE Database · CVE-2019-0752

CVE-2019-0752

· HIGHAnalyzed

CVSS v3.1

7.5

EPSS

81.55%

Published

Apr 9, 2019

Modified

Oct 29, 2025

CISA Known Exploited Vulnerability

Added: 2022-02-15 · Due: 2022-08-15

Apply updates per vendor instructions.

Public PoC / Exploit (3)

All weaponized →

Exploit-DBMicrosoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption TrickestTrickest PoC index GitHub PoCedxsh/CVE-2019-0752★2

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-843CWE-843

Affected Products (25)

microsoft · internet_explorervulnerable

microsoft · windows_10_1507

microsoft · windows_10_1607

microsoft · windows_10_1703

microsoft · windows_10_1709

microsoft · windows_10_1803