7.6
CVSSv2

CVE-2019-0666

Published: 08/04/2019 Updated: 09/04/2019
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the VBScript engine component of Microsoft Windows could allow an unauthenticated, remote malicious user to execute arbitrary code on a targeted system.The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the malicious user to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely. Microsoft confirmed the vulnerability and released software updates.

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftInternet Explorer9, 10, 11

Github Repositories

Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.

Recent Articles

Microsoft Patch Tuesday – March 2019
Symantec Threat Intelligence Blog • Ratheesh PM • 13 Mar 2020

This month the vendor has patched 64 vulnerabilities, 17 of which are rated Critical.

Posted: 13 Mar, 201920 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – March 2019This month the vendor has patched 64 vulnerabilities, 17 of which are rated Critical.As always, customers are advised to follow these security best practices:


Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining ...