Multiple vulnerabilities in Microsoft Browsers

Описание

Multiple vulnerabilities were found in Microsoft browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
2. A memory corruption vulnerability in Internet Explorer Browser Helper Object (BHO) can be exploited remotely via specially crafted website to execute arbitrary code.
3. An elevation of privilege vulnerability in WinINet API can be exploited remotely via specially crafted website to gain privileges.
4. An elevation of privilege vulnerability in Windows Start-Up Application can be exploited remotely via specially crafted website to gain privileges.
5. A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.

Первичный источник обнаружения

• CVE-2020-1057
  CVE-2020-1172
  CVE-2020-16884
  CVE-2020-1180
  CVE-2020-1012
  CVE-2020-1506
  CVE-2020-0878
  

Связанные продукты

• Microsoft-Internet-Explorer
• Microsoft-Edge
• ChakraCore

Список CVE

• CVE-2020-0878
  warning
• CVE-2020-1057
  warning
• CVE-2020-1172
  warning
• CVE-2020-16884
  warning
• CVE-2020-1180
  warning
• CVE-2020-1012
  critical
• CVE-2020-1506
  high

Список KB

• 4571756
• 4577041
• 4570333
• 4577032
• 4577049
• 4577015
• 4577051
• 4577066
• 4574727
• 4577038
• 4577010

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com