Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2020-0968

Published: 15/04/2020 Updated: 21/07/2021
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0970.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet_explorer 11

microsoft internet_explorer 9

Recent Articles

Microsoft Patch Tuesday - April 2020
Symantec Threat Intelligence Blog • Preethi Koroth • 15 Apr 2024

This month the vendor has patched 113 vulnerabilities, 18 of which are rated Critical.

Posted: 15 Apr, 202029 Min ReadThreat Intelligence SubscribeMicrosoft Patch Tuesday - April 2020This month the vendor has patched 113 vulnerabilities, 18 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid handling files from unknown or questionable ...

Read more...
Rubbish software security patches responsible for a quarter of zero-days last year
The Register • Thomas Claburn in San Francisco • 03 Feb 2021

Google wants researchers, vendors to stop making attacks easy Apple emits emergency iOS security updates while warning holes may have been exploited in wild by hackers

Enigma To limit the impact of zero-day vulnerabilities, Google security researcher Maddie Stone would like those developing software fixes to stop delivering shoddy patches. In a presentation at USENIX's Enigma 2021 virtual conference on Tuesday, Stone offered an overview of the zero-day exploits detected in 2020. A zero-day, she explained for attendees outside the infosec community, refers to an exploit targeting a previously unidentified vulnerability. Zero-day flaws are a problem because they...

Read more...

References

CWE-787https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0968https://nvd.nist.govhttps://www.theregister.co.uk/2021/02/03/enigma_patch_zero/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook