Multiple vulnerabilities in Microsoft Internet Explorer and Edge

Описание

Multiple vulnerabilities were found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in MSHTML Engine can be exploited remotely via specially crafted file to execute arbitrary code.
2. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
3. A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
4. An elevation of privilege vulnerability in Microsoft Edge can be exploited remotely via specially crafted content to gain privileges.
5. A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.
6. A remote code execution vulnerability in Microsoft Edge PDF can be exploited remotely via specially crafted to execute arbitrary code.
7. A spoofing vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to spoof user interface.
8. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.

Первичный источник обнаружения

• CVE-2020-1064
  CVE-2020-1065
  CVE-2020-1062
  CVE-2020-1056
  CVE-2020-1060
  CVE-2020-1096
  CVE-2020-1059
  CVE-2020-1058
  CVE-2020-1093
  CVE-2020-1092
  CVE-2020-1035
  CVE-2020-1037
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Internet-Explorer
• Microsoft-Edge
• ChakraCore

Список CVE

• CVE-2020-1064
  critical
• CVE-2020-1065
  critical
• CVE-2020-1062
  critical
• CVE-2020-1056
  high
• CVE-2020-1060
  critical
• CVE-2020-1096
  critical
• CVE-2020-1059
  warning
• CVE-2020-1058
  critical
• CVE-2020-1093
  critical
• CVE-2020-1092
  critical
• CVE-2020-1035
  critical
• CVE-2020-1037
  critical

Список KB

• 4556799
• 4556846
• 4556798
• 4556840
• 4556826
• 4556813
• 4556812
• 4551853
• 4556836
• 4556807

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com