CVE-2020-1058 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer 11
Severity
7.5HIGHNVD
EPSS
5.1%
top 10.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 21
Latest updateMay 24
Description
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1060, CVE-2020-1093.
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9
Affected Packages10 packages
▶CVEListV5microsoft/internet_explorer_9Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2+1
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-74cx-996h-cj5v: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner↗2022-05-24
CVEList▶
CVE-2020-1058: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulner↗2020-05-21
📋Vendor Advisories
3Microsoft▶
It was found that PostgreSQL versions before 12.4 before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an↗2020-08-11
💬Community
1Bugzilla
▶