Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11813
HistoryJun 09, 2020 - 12:00 a.m.

KLA11813 Multiple vulnerabilities in Microsoft Browsers

2020-06-0900:00:00
Kaspersky Lab
threats.kaspersky.com
12

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

90.9%

JSON

Detect date:

06/09/2020

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface.

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Affected products:

ChakraCore
Microsoft Edge (Chromium-based) in IE Mode
Microsoft Edge (EdgeHTML-based)
Internet Explorer 9
Internet Explorer 11

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2020-1315
CVE-2020-1213
CVE-2020-1215
CVE-2020-1214
CVE-2020-1073
CVE-2020-1216
CVE-2020-1219
CVE-2020-1242
CVE-2020-1220
CVE-2020-1260
CVE-2020-1230

Impacts:

ACE

Related products:

Microsoft Internet Explorer

CVE-IDS:

CVE-2020-12607.6Critical
CVE-2020-12147.6Critical
CVE-2020-12307.6Critical
CVE-2020-13152.6Warning
CVE-2020-12137.6Critical
CVE-2020-12157.6Critical
CVE-2020-12167.6Critical
CVE-2020-10739.3Critical
CVE-2020-12197.6Critical
CVE-2020-12422.6Warning
CVE-2020-12205.8High

KB list:

4561603
4561643
4561649
4560960
4557957
4561666
4561602
4561612
4561616
4561608
4561621

Microsoft official advisories:

References

Related

mskb 12
nessus 12
prion 11
cve 11
threatpost 1
mscve 11
attackerkb 1
checkpoint_advisories 7
thn 1
osv 3
veracode 1
zdi 1
github 1
openvas 10
kaspersky 1
avleonov 1
mskb
mskb
Cumulative security update for Internet Explorer: June 9, 2020
2020-06-09 07:00:00
June 9, 2020—KB4561643 (Monthly Rollup)
2020-06-09 07:00:00
June 9, 2020—KB4561612 (Monthly Rollup)
2020-06-09 07:00:00
nessus
nessus
Security Updates for Internet Explorer (June 2020)
2020-06-09 00:00:00
KB4561669: Windows 7 and Windows Server 2008 R2 June 2020 Security Update
2020-06-09 00:00:00
KB4561674: Windows Server 2012 June 2020 Security Update
2020-06-09 00:00:00
prion
prion
Remote code execution
2020-06-09 20:15:00
Remote code execution
2020-06-09 20:15:00
Remote code execution
2020-06-09 20:15:00
cve
cve
CVE-2020-1260
2020-06-09 20:15:00
CVE-2020-1216
2020-06-09 20:15:00
CVE-2020-1215
2020-06-09 20:15:00
threatpost
threatpost
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update
2020-06-09 19:28:54
mscve
mscve
VBScript Remote Code Execution Vulnerability
2020-06-09 07:00:00
VBScript Remote Code Execution Vulnerability
2020-06-09 07:00:00
Internet Explorer Information Disclosure Vulnerability
2020-06-09 07:00:00
attackerkb
attackerkb
CVE-2020-1315 Internet Explorer Information Disclosure Vulnerability
2020-06-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft VBScript Remote Code Execution (CVE-2020-1230)
2020-06-09 00:00:00
Microsoft VBScript Remote Code Execution (CVE-2020-1260)
2020-06-09 00:00:00
Microsoft Browser Memory Corruption (CVE-2020-1219)
2020-06-09 00:00:00
thn
thn
Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities
2020-06-09 18:14:00
osv
osv
CVE-2020-1219
2020-06-09 20:15:14
CVE-2020-1073
2020-06-09 20:15:12
ChakraCore RCE Vulnerability
2022-05-24 17:19:47
veracode
veracode
Remote Code Execution
2020-06-10 03:09:03
zdi
zdi
Microsoft Chakra Intl Object Type Confusion Remote Code Execution Vulnerability
2020-06-09 00:00:00
github
github
ChakraCore RCE Vulnerability
2022-05-24 17:19:47
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4561643)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4561612)
2020-06-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4561666)
2020-06-10 00:00:00
kaspersky
kaspersky
KLA11806 Multiple vulnerabilities in Microsoft Products (ESU)
2020-06-09 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2020: The Bleeding Ghost of SMB
2020-06-23 01:31:46

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

90.9%

JSON
Related for KLA11813
mskb12nessus12prion11cve11threatpost1mscve11attackerkb1checkpoint_advisories7thn1osv3veracode1zdi1github1openvas10kaspersky1avleonov1