ID de Prueba:	1.3.6.1.4.1.25623.1.0.816614
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (ADV200001)
Resumen:	This host is missing a critical security; update according to Microsoft advisory ADV200001.
Descripción:	Summary: This host is missing a critical security update according to Microsoft advisory ADV200001. Vulnerability Insight: The flaw is due to the way that the scripting engine handles objects in memory in Internet Explorer. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user and execute arbitrary code. Affected Software/OS: Internet Explorer 9, 10 and 11 Solution: As a workaround restrict access to JScript.dll. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-0674 http://packetstormsecurity.com/files/159137/Microsoft-Internet-Explorer-11-Use-After-Free.html http://packetstormsecurity.com/files/161309/Microsoft-Internet-Explorer-11-Use-After-Free.html http://packetstormsecurity.com/files/162565/Microsoft-Internet-Explorer-8-11-Use-After-Free.html https://github.com/maxpl0it/CVE-2020-0674-Exploit https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.