Fwd: [CIVN-0280] Remote Code Execution Vulnerability in VB Script Engine

Remote Code Execution Vulnerability in VB Script Engine

https://www.cert-in.org.in/

Severity Rating: High

Software Affected:

Internet Explorer 9

Internet Explorer 11

Overview:

A remote code execution vulnerability has been reported in VB Script Engine

which could allow an attacker to execute arbitrary code on the targeted

system.

Description

This exists in Microsoft VB Script Engine due to improper handling the

objects in memory by the affected VB Script engine. A remote attacker could

exploit this vulnerability by convincing a user to open a specially crafted

document or by convincing a user to visit a malicious web application.

Successful exploitation of this vulnerability could execute arbitrary code

in the context of the current user on the targeted system.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/

Vendor Information

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory

References:

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1403

CVE Name

CVE-2020-1403

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-0280] Remote Code Execution Vulnerability in VB Script Engine

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive