Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11681
Multiple vulnerabilities in Microsoft Browser
Обновлено: 18/06/2020
Дата обнаружения
 10/03/2020
Уровень угрозы
 Critical
Описание

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
  2. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  3. An information disclosure vulnerability in Scripting Engine can be exploited remotely to obtain sensitive information.
  4. A memory corruption vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to execute arbitrary code.
  5. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  6. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
  7. A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
  8. A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.
Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Пораженные продукты

Internet Explorer 11
Internet Explorer 9
Microsoft Edge (EdgeHTML-based)
ChakraCore
Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения
 CVE-2020-0829
CVE-2020-0811
CVE-2020-0812
CVE-2020-0813
CVE-2020-0816
CVE-2020-0828
CVE-2020-0832
CVE-2020-0833
CVE-2020-0830
CVE-2020-0831
CVE-2020-0825
CVE-2020-0824
CVE-2020-0768
CVE-2020-0826
CVE-2020-0847
CVE-2020-0827
CVE-2020-0848
CVE-2020-0823
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]
Связанные продукты
 Microsoft Internet Explorer
Microsoft VBScript engine
Microsoft Edge
CVE-IDS
CVE-2020-08290.0Unknown
CVE-2020-08110.0Unknown
CVE-2020-08120.0Unknown
CVE-2020-08130.0Unknown
CVE-2020-08160.0Unknown
CVE-2020-08280.0Unknown
CVE-2020-08320.0Unknown
CVE-2020-08330.0Unknown
CVE-2020-08300.0Unknown
CVE-2020-08310.0Unknown
CVE-2020-08250.0Unknown
CVE-2020-08240.0Unknown
CVE-2020-07680.0Unknown
CVE-2020-08260.0Unknown
CVE-2020-08470.0Unknown
CVE-2020-08270.0Unknown
CVE-2020-08480.0Unknown
CVE-2020-08230.0Unknown
KB list

4538461
4541510
4540689
4541509
4540681
4540693
4540673
4540670
4540671
4540688
Microsoft official advisories
 Microsoft Security Update Guide
© 2020 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up