7.6
CVSSv2

CVE-2019-0752

Published: 09/04/2019 Updated: 28/05/2019
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 765
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the scripting engine used by Microsoft Internet Explorer could allow an unauthenticated, remote malicious user to execute arbitrary code on a targeted system. The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit this vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could corrupt memory and allow the malicious user to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could completely compromise the system. Microsoft has confirmed the vulnerability and released software updates.

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftInternet Explorer10, 11

Exploits

<!-- Full exploit of ZDI-19-359/ZDI-CAN-7757/CVE-2019-0752 --> <!-- Target: Internet Explorer, Windows 10 1809 17763316 (Feb 2019 patch level) --> <!-- Vulnerability and original exploit technique by Simon Zuckerbraun (@HexKitchen), Mar 2019 --> <!-- Tgroupcrew@gmailcom -- ...

Mailing Lists

Microsoft Internet Explorer Windows 10 1809 17763316 scripting engine memory corruption exploit ...

Github Repositories

Windows-RCE-exploits The exploit samples database is a repository for RCE (remote code execution) exploits and Proof-of-Concepts for WINDOWS, the samples are uploaded for education purposes for red and blue teams Proof of Concepts are alwayes idetified by #PoC# in the name of the relevant exploit folder, and those samples will alwayes pop out a calculator or a message box and

Recent Articles

Microsoft Patch Tuesday – April 2019
Symantec Threat Intelligence Blog • Himanshu Mehta • 10 Apr 2019

This month the vendor has patched 74 vulnerabilities, 14 of which are rated Critical.

Posted: 10 Apr, 201927 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – April 2019This month the vendor has patched 74 vulnerabilities, 14 of which are rated Critical.As always, customers are advised to follow these security best practices:


Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining ...