Lucene search
Hossein Lotfi of Trend Micro Zero Day InitiativeZDI-20-639HistoryMay 12, 2020 - 12:00 a.m.
Microsoft Internet Explorer CWMPErrorDlg Use-After-Free Remote Code Execution Vulnerability
2020-05-1200:00:00
Hossein Lotfi of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
11
0.002 Low
EPSS
Percentile
54.6%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the CWMPErrorDlg object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
mscve
mscve
Media Foundation Memory Corruption Vulnerability
2020-05-12 07:00:00
prion
prion
Memory corruption
2020-05-21 23:15:00
Memory corruption
2020-05-21 23:15:00
Memory corruption
2020-05-21 23:15:00
nvd
nvd
cve
cve
cvelist
cvelist
mskb
mskb
May 12, 2020âKB4556843 (Security-only update)
2020-05-12 07:00:00
May 12, 2020âKB4556836 (Monthly Rollup)
2020-05-12 07:00:00
kaspersky
kaspersky
KLA11777 Multiple vulnerabilities in Microsoft Products (ESU)
2020-05-12 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4556836)
2020-05-13 00:00:00
nessus
nessus
KB4556843: Windows 7 and Windows Server 2008 R2 May 2020 Security Update
2020-05-12 00:00:00
