CVE-2020-0673

CVE Database · CVE-2020-0673

CVE-2020-0673

· HIGHModified

CVSS v3.1

7.5

EPSS

9.62%

Published

Feb 11, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787

Affected Products (20)

microsoft · internet_explorervulnerable

microsoft · windows_server_2008

microsoft · internet_explorervulnerable

microsoft · windows_server_2012

microsoft · internet_explorervulnerable

microsoft · windows_10

References (2)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0673

PatchVendor Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0673

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs