CVE-2020-0967
published 2020-04-15CVE-2020-0967: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'…
PriorityP354high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
11.39%
95.5th percentile
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0966.
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11 | — | — |
| microsoft | internet_explorer_11_on_windows_10_version_1903_for_32-bit_systems | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j99r-h42f-9xrm: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
ghsa_unreviewed·2022-05-24·CVSS 8.8
CVE-2020-0966 [HIGH] CWE-119 GHSA-j99r-h42f-9xrm: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0967.
GHSA
GHSA-f3x5-ww2f-cc7g: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
ghsa_unreviewed·2022-05-24·CVSS 8.8
CVE-2020-0967 [HIGH] CWE-119 GHSA-f3x5-ww2f-cc7g: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0966.
Microsoft
VBScript Remote Code Execution Vulnerability
vendor_msrc·2020-04-14·CVSS 7.5
CVE-2020-0967 [HIGH] VBScript Remote Code Execution Vulnerability
VBScript Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exp
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-04-14·CVSS 8.8
[HIGH] Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 115 vulnerabilities. Nineteen of the flaws Microsoft disclosed are considered critical. The remainders are scored as being “important” updates.
This month’s security update covers security issues in a variety of Microsoft services and software, including SharePoint, the Windows font library and the Windows kernel. A Cisco Talos researcher discovered CVE-2020-0939, an information disclosure vulnerability in Microsoft Media Foundation. For more, check out Talos’ full Vulnerability Spotlight here.
Talos also released a new set of SNORTⓇ rules that provide coverage for some of these vulnerabilities
Talos
Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-04-14·CVSS 8.8
[HIGH] Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
## Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 115 vulnerabilities. Nineteen of the flaws Microsoft disclosed are considered critical. The remainders are scored as being “important” updates.
This month’s security update covers security issues in a variety of Microsoft services and software, including SharePoint, the Windows font library and the Windows kernel. A Cisco Talos researcher discovered CVE-2020-0939 , an information disclosure vulnerability in Microsoft Media Foundation. For more, check out Talos’ full Vulnerability Spotlight here .
Talos also r
Talos
Vulnerability Spotlight: Remote code execution vulnerability in Apple Safari
blogs_talos·2020-02-12·CVSS 8.8
[HIGH] Vulnerability Spotlight: Remote code execution vulnerability in Apple Safari
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
The Apple Safari web browser contains a remote code execution vulnerability in its Fonts feature. If a user were to open a malicious web page in Safari, they could trigger a type confusion, resulting in memory corruption and possibly arbitrary code execution. An attacker would need to trick the user into visiting the web page by some means to trigger this vulnerability.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Apple to ensure that these issues are resolved and that an update is available for affected customers.
### Vulnerability detailsApple Safari FontFaceSet remote code execution vulnerability (TALOS-2019-0967/CVE-2020-3868)
A type confusion vulnerability exists in
2020-04-15
Published