CVE-2020-0833Out-of-bounds Write in Microsoft Internet Explorer 11

CWE-787Out-of-bounds Write16 documents5 sources
Severity
7.5HIGHNVD
EPSS
3.3%
top 12.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Microsoft Internet Explorer 11Microsoft Internet Explorer 11 ON Windows 10 Version 1903 FOR 32-bit SystemsMicrosoft Internet Explorer 11 ON Windows 10 Version 1903 FOR Arm64-based Systems+6 more
Timeline
PublishedMar 12
Latest updateAug 2

Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0848.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages9 packages

CVEListV5microsoft/internet_explorer_1122 versions+21

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

14
GHSA
Out-of-bounds write in ChakraCore2021-08-02
OSV
Out-of-bounds write in ChakraCore2021-07-28
GHSA
Out-of-bounds write in ChakraCore2021-07-28
GHSA
Out-of-bounds Write in ChakraCore2021-07-28
GHSA
Out-of-bounds write in ChakraCore2021-07-28

📋Vendor Advisories

1
Microsoft
Scripting Engine Memory Corruption Vulnerability2020-03-10
CVE-2020-0833 — Out-of-bounds Write in Microsoft | cvebase