Multiple vulnerabilities in Microsoft Browsers

Description

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
2. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
3. A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.
4. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Windows VBScript Engine can be exploited remotely via specially crafted website to execute arbitrary code.

Original advisories

• CVE-2020-0968

• CVE-2020-0969
• CVE-2020-0966
• CVE-2020-0970
• CVE-2020-0967
• CVE-2020-0895

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Internet-Explorer
• Microsoft-Edge
• ChakraCore

CVE list

• CVE-2020-0968
  critical
• CVE-2020-0967
  critical
• CVE-2020-0895
  critical
• CVE-2020-0966
  critical
• CVE-2020-0969
  critical
• CVE-2020-0970
  critical

KB list

• 4549949
• 4550927
• 4550929
• 4550964
• 4550917
• 4549951
• 4550961
• 4550922
• 4550930
• 4550905

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com