Microsoft Edge CVE-2019-0565 Remote Memory Corruption Vulnerability

Bugtraq ID:	106416
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2019-0565
Remote:	Yes
Local:	No
Published:	Jan 08 2019 12:00AM
Updated:	Jan 08 2019 12:00AM
Credit:	Jihui Lu of Tencent KeenLab
Vulnerable:	Microsoft Edge 0 + Microsoft Windows 10 for 32-bit Systems 0 + Microsoft Windows 10 for 32-bit Systems 0 + Microsoft Windows 10 for 32-bit Systems 0 + Microsoft Windows 10 for 32-bit Systems 0 + Microsoft Windows 10 for 32-bit Systems 0 + Microsoft Windows 10 for 32-bit Systems 0 + Microsoft Windows 10 for x64-based Systems 0 + Microsoft Windows 10 for x64-based Systems 0 + Microsoft Windows 10 for x64-based Systems 0 + Microsoft Windows 10 for x64-based Systems 0 + Microsoft Windows 10 for x64-based Systems 0 + Microsoft Windows 10 for x64-based Systems 0 + Microsoft Windows 10 version 1511 for 32-bit Systems 0 + Microsoft Windows 10 version 1511 for 32-bit Systems 0 + Microsoft Windows 10 version 1511 for 32-bit Systems 0 + Microsoft Windows 10 version 1511 for 32-bit Systems 0 + Microsoft Windows 10 version 1511 for 32-bit Systems 0 + Microsoft Windows 10 version 1511 for 32-bit Systems 0 + Microsoft Windows 10 version 1511 for x64-based Systems 0 + Microsoft Windows 10 version 1511 for x64-based Systems 0 + Microsoft Windows 10 version 1511 for x64-based Systems 0 + Microsoft Windows 10 version 1511 for x64-based Systems 0 + Microsoft Windows 10 version 1511 for x64-based Systems 0 + Microsoft Windows 10 version 1511 for x64-based Systems 0 + Microsoft Windows 10 Version 1607 for 32-bit Systems 0 + Microsoft Windows 10 Version 1607 for 32-bit Systems 0 + Microsoft Windows 10 Version 1607 for 32-bit Systems 0 + Microsoft Windows 10 Version 1607 for 32-bit Systems 0 + Microsoft Windows 10 Version 1607 for 32-bit Systems 0 + Microsoft Windows 10 Version 1607 for x64-based Systems 0 + Microsoft Windows 10 Version 1607 for x64-based Systems 0 + Microsoft Windows 10 Version 1607 for x64-based Systems 0 + Microsoft Windows 10 Version 1607 for x64-based Systems 0 + Microsoft Windows 10 Version 1607 for x64-based Systems 0 + Microsoft Windows 10 version 1703 for 32-bit Systems 0 + Microsoft Windows 10 version 1703 for 32-bit Systems 0 + Microsoft Windows 10 version 1703 for 32-bit Systems 0 + Microsoft Windows 10 version 1703 for 32-bit Systems 0 + Microsoft Windows 10 version 1703 for x64-based Systems 0 + Microsoft Windows 10 version 1703 for x64-based Systems 0 + Microsoft Windows 10 version 1703 for x64-based Systems 0 + Microsoft Windows 10 version 1703 for x64-based Systems 0 + Microsoft Windows 10 version 1709 for 32-bit Systems 0 + Microsoft Windows 10 version 1709 for 32-bit Systems 0 + Microsoft Windows 10 version 1709 for 32-bit Systems 0 + Microsoft Windows 10 version 1709 for 32-bit Systems 0 + Microsoft Windows 10 version 1709 for x64-based Systems 0 + Microsoft Windows 10 version 1709 for x64-based Systems 0 + Microsoft Windows 10 version 1709 for x64-based Systems 0 + Microsoft Windows 10 version 1709 for x64-based Systems 0 + Microsoft Windows 10 Version 1803 for 32-bit Systems 0 + Microsoft Windows 10 Version 1803 for 32-bit Systems 0 + Microsoft Windows 10 Version 1803 for x64-based Systems 0 + Microsoft Windows 10 Version 1803 for x64-based Systems 0 + Microsoft Windows Server 2016 0 + Microsoft Windows Server 2016 0 + Microsoft Windows Server 2016 0 + Microsoft Windows Server 2016 for x64-based Systems 0 + Microsoft Windows Server 2016 for x64-based Systems 0 + Microsoft Windows Server 2016 for x64-based Systems 0 + Microsoft Windows Server 2016 for x64-based Systems 0 + Microsoft Windows Server 2016 for x64-based Systems 0
Not Vulnerable:

Microsoft Edge CVE-2019-0565 Remote Memory Corruption Vulnerability

Microsoft Edge is prone to a remote memory-corruption vulnerability.

Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.

Microsoft Edge CVE-2019-0565 Remote Memory Corruption Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Microsoft Edge CVE-2019-0565 Remote Memory Corruption Vulnerability

References:

• Microsoft Edge - Homepage (Microsoft)
  
• Microsoft Homepage (Microsoft)
  
• CVE-2019-0565 | Microsoft Edge Memory Corruption Vulnerability (Microsoft)