|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-01-29 | |
| Rule Name: | Microsoft Internet Explorer comparator sort method Use-After-Free Vulnerability (CVE-2020-0674) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. | |
| Impact: | A use-after-free vulnerability can be exploited by an attacker in the vulnerable product. Successful exploit may cause some adverse consequences, such as crash of the product, execution of arbitrary code. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | http://packetstormsecurity.com/files/159137/Microsoft-Internet-Explorer-11-Use-After-Free.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674 https://github.com/maxpl0it/CVE-2020-0674-Exploit |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0674 |