|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-04-30 | |
| Rule Name: | Microsoft Internet Explorer 11 VBScript Execution Policy Bypass Vulnerability -2 (CVE-2019-0768) | |
| Severity: | ||
| CVE ID: | ||
| CNNVD ID: | ||
| Rule Protection Details |
|---|
| Description: | A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. | |
| Impact: | A remote attacker could exploit this vulnerability by enticing a user to open a web page. Successful exploitation could allow the bypass of VBScript security zone policy. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768 https://bugs.chromium.org/p/project-zero/issues/detail?id=1738 SecurityFocusBID:107279 ExploitDB:46567 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2019-0768 |