CVE-2019-0752
CVE-2019-0752
In short
A vulnerability in Internet Explorer's scripting engine allows attackers to execute malicious code by corrupting memory when the browser processes specially crafted web content. This can give attackers complete control over your computer.
Technical detail
A memory corruption vulnerability in Internet Explorer's scripting engine (CWE-843) allows remote code execution when processing malicious scripts. The attack vector is network-based, requiring user interaction to visit a compromised or attacker-controlled webpage; successful exploitation results in arbitrary code execution with the privileges of the user running the browser.
Summary generated and translated by AI from the official description.
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
public PoCs found — 3
githubgithub.com/edxsh/CVE-2019-0752★ 2cve_referencepacketstormsecurity.com/files/153078/Microsoft-Internet-Explorer-Windows-10-1809-17763.316-Memory-Corruption.htmlunverifiedexploitdbwww.exploit-db.com/exploits/46928unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/153078/Microsoft-Internet-Explorer-Windows-10-1809-17763.316-Memory-Corruption.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0752https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0752https://www.zerodayinitiative.com/advisories/ZDI-19-359/