A remote code execution vulnerability exists in some versions of Internet Explorer. An attacker who is able to convince a user to visit a malicious or compromised website may be able to execute code on the affected system, with the same permissions as the user.

The vulnerability affects IE 9 on Windows Server 2008, IE 10 on Windows Server 2012, and IE 11 on all other supported versions of Windows.

Recent assessments:

wvu-r7 at January 24, 2020 12:34am UTC reported:

An Edge vuln might be more valuable, but plenty of people still use IE. Last I heard, there was no known PoC. Perhaps only Google and Qihoo 360 have seen these “attacks in the wild.”

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200001

www.reddit.com/r/netsec/comments/equ1s6/cve20200674_microsoft_internet_explorer_0day

zdt 5

packetstorm 4

threatpost 8

exploitdb 5

nessus 12

githubexploit 4

checkpoint_advisories 1

mscve 2

openvas 9

kaspersky 3

cisa_kev 1

cert 1

thn 5

trendmicroblog 1

malwarebytes 1

mskb 11

krebs 1

qualysblog 2

securelist 4

prion 7

osv 10

github 5

cvelist 7

veracode 4

nvd 7

cve 7

attackerkb 2

googleprojectzero 2

talosblog 1

zdt

Microsoft Internet Explorer 11 - Use-After-Free Exploit

2020-11-17 00:00:00

Microsoft Internet Explorer 11 32-bit - Use-After-Free Exploit

2021-02-08 00:00:00

Microsoft Internet Explorer 8/11 and WPAD service (Jscript.dll) - Use-After-Free Exploit

2021-05-13 00:00:00

packetstorm

Microsoft Internet Explorer 11 Use-After-Free

2020-09-11 00:00:00

Microsoft Internet Explorer 11 Use-After-Free

2021-02-08 00:00:00

Microsoft Internet Explorer 8/11 Use-After-Free

2021-05-13 00:00:00

threatpost

MacOS Zero-Day Exposes Apple Keychain Passwords

2019-02-06 22:14:04

Microsoft Zero-Day Actively Exploited, Patch Forthcoming

2020-01-21 14:58:58

Adobe Re-Patches Critical Acrobat Reader Flaw

2019-02-21 17:05:31

exploitdb

Internet Explorer 11 - Use-After-Free

2020-09-11 00:00:00

Microsoft Internet Explorer 11 32-bit - Use-After-Free

2021-02-08 00:00:00

Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free

2021-05-13 00:00:00

nessus

Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674) (Deprecated)

2020-01-22 00:00:00

Security Updates for Internet Explorer (February 2020)

2020-02-11 00:00:00

KB4537822: Windows Server 2008 February 2020 Security Update

2020-03-24 00:00:00

githubexploit

Exploit for Use After Free in Microsoft

2020-05-07 22:02:25

Exploit for Use After Free in Microsoft

2020-09-30 08:08:42

Exploit for Use After Free in Microsoft

2021-07-03 04:17:35

checkpoint_advisories

Microsoft Internet Explorer Use After Free (CVE-2020-0674)

2020-01-20 00:00:00

mscve

Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability

2020-01-17 08:00:00

Scripting Engine Memory Corruption Vulnerability

2020-02-11 08:00:00

openvas

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (ADV200001)

2020-01-27 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4537820)

2020-02-12 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB4537814)

2020-02-12 00:00:00

kaspersky

KLA11709 Microsoft Advisory for Windows (ESU)

2020-01-17 00:00:00

KLA11667 Multiple vulnerabilities in Microsoft Browser

2020-02-11 00:00:00

KLA11694 Multiple vulnerabilities in Microsoft products (ESU)

2020-02-11 00:00:00

cisa_kev

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability

2021-11-03 00:00:00

cert

Microsoft Internet Explorer Scripting Engine memory corruption vulnerability

2020-01-17 00:00:00

thn

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

2020-01-18 13:11:00

Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT

2023-09-20 09:56:00

Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers

2020-10-30 10:22:00

trendmicroblog

This Week in Security News: Trend Micro Creates Factory Honeypot to Trap Malicious Attackers and Microsoft Leaves 250M Customer Service Records Open to the Web

2020-01-24 13:18:05

malwarebytes

A zero-day guide for 2020: Recent attacks and advanced preventive techniques

2020-06-23 15:00:00

mskb

Cumulative security update for Internet Explorer: February 11, 2020

2020-02-11 08:00:00

February 11, 2020—KB4537810 (Monthly Rollup)

2020-02-11 08:00:00

February 11, 2020—KB4537820 (Monthly Rollup)

2020-02-11 08:00:00

krebs

Microsoft Patch Tuesday, February 2020 Edition

2020-02-11 23:13:57

qualysblog

February 2020 Patch Tuesday – 99 Vulns, 12 Critical, Patch for IE 0-Day, Exchange Vuln, Adobe Vulns

2020-02-11 19:47:15

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

securelist

Internet Explorer and Windows zero-day exploits used in Operation PowerFall

2020-08-12 07:00:28

IT threat evolution Q2 2020

2020-09-03 10:00:20

Magnitude exploit kit – evolution

2020-06-24 10:00:16

prion

Remote code execution

2020-02-11 22:15:00

Remote code execution

2020-02-11 22:15:00

Remote code execution

2020-02-11 22:15:00

osv

CVE-2020-0767

2020-02-11 22:15:22

CVE-2020-0710

2020-02-11 22:15:17

CVE-2020-0713

2020-02-11 22:15:17

github

ChakraCore RCE Vulnerability

2022-05-24 17:08:29

ChakraCore RCE Vulnerability

2022-05-24 17:08:29

ChakraCore RCE Vulnerability

2022-05-24 17:08:34

cvelist

CVE-2020-0767

2020-02-11 21:23:29

CVE-2020-0711

2020-02-11 21:23:07

CVE-2020-0710

2020-02-11 21:23:07

veracode

Remote Code Execution (RCE)

2020-02-12 05:26:27

Remote Code Execution

2020-02-12 05:13:20

Remote Code Execution

2020-02-12 05:22:29

nvd

CVE-2020-0674

2020-02-11 22:15:14

CVE-2020-0710

2020-02-11 22:15:17

CVE-2020-0711

2020-02-11 22:15:17

cve

CVE-2020-0767

2020-02-11 22:15:22

CVE-2020-0710

2020-02-11 22:15:17

CVE-2020-0673

2020-02-11 22:15:14

attackerkb

CVE-2020-0767

2020-02-11 00:00:00

CVE-2020-0674

2020-02-11 00:00:00

googleprojectzero

Detection Deficit: A Year in Review of 0-days Used In-The-Wild in 2019

2020-07-29 00:00:00

Déjà vu-lnerability

2021-02-03 00:00:00

talosblog

Microsoft Patch Tuesday — Feb. 2020: Vulnerability disclosures and Snort coverage

2020-02-13 08:22:46

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.972

Percentile

99.9%

JSON

Related for AKB:B5D126FE-9266-41E6-A40B-09FF5B27A5A5