cbcvebase.
CVE-2020-0968
published 2020-04-15

CVE-2020-0968: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory…

high7.5CVSS 3.1
AVNACHPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0970.

Affected

19 ranges
VendorProductVersion rangeFixed in
microsoftchakracore< 1.11.181.11.18
microsoftchakracore
microsoftinternet_explorer
microsoftinternet_explorer
microsoftmicrosoft_edge_on_windows_10_version_1803_for_32-bit_systems
microsoftmicrosoft_edge_on_windows_10_version_1803_for_arm64-based_systems
microsoftmicrosoft_edge_on_windows_10_version_1803_for_x64-based_systems
microsoftmicrosoft_edge_on_windows_10_version_1809_for_32-bit_systems
microsoftmicrosoft_edge_on_windows_10_version_1809_for_arm64-based_systems
microsoftmicrosoft_edge_on_windows_10_version_1809_for_x64-based_systems
microsoftmicrosoft_edge_on_windows_10_version_1903_for_32-bit_systems
microsoftmicrosoft_edge_on_windows_10_version_1903_for_arm64-based_systems
microsoftmicrosoft_edge_on_windows_10_version_1903_for_x64-based_systems
microsoftmicrosoft_edge_on_windows_10_version_1909_for_32-bit_systems
microsoftmicrosoft_edge_on_windows_10_version_1909_for_arm64-based_systems
microsoftmicrosoft_edge_on_windows_10_version_1909_for_x64-based_systems
microsoftmicrosoft_edge_on_windows_server_2019
msrcinternet_explorer_11
msrcinternet_explorer_9

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
ghsa7.5HIGH
osv7.5HIGH
vulncheck7.5HIGH
cisa7.5HIGH