Showing 1 - 5 of 5

CVE-2020-1380

Status Candidate

Overview

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.

Related Files

Gentoo Linux Security Advisory 202405-30: Posted May 13, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202405-30 - A vulnerability has been discovered in Rebar3, which can lead to command injection. Versions greater than or equal to 3.14.4 are affected.; tags | advisory; systems | linux, gentoo; advisories | CVE-2020-13802; SHA-256 | 51a4e5900920bc1ca3da855df059374aad60c870196002a1cc75135def3cbac9; Download | Favorite | View

Internet Explorer jscript9.dll Memory Corruption: Posted Jun 9, 2021; Authored by Ivan Fratric, Google Security Research; There is a vulnerability in jscript9 that could potentially be exploited to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied.; tags | exploit, arbitrary; systems | windows; advisories | CVE-2020-1380, CVE-2021-31959; SHA-256 | 606c70d052dc8c1d7e1341312dd04cc58864a77781e24662e763b3034ce543ce; Download | Favorite | View

Gentoo Linux Security Advisory 202011-09: Posted Nov 11, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202011-9 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 5.1.0-r1 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2020-10717, CVE-2020-10761, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13791, CVE-2020-13800, CVE-2020-14364; SHA-256 | 5d95ad52fc75012ed91b82e53b3043a7867fe90adef97e5fe61a56d75c7075b6; Download | Favorite | View

Rebar3 3.13.2 Command Injection: Posted Sep 1, 2020; Authored by Alexey Pronin; Rebar3 versions 3.0.0-beta.3 through 3.13.2 suffer from a command injection vulnerability.; tags | exploit; advisories | CVE-2020-13802; SHA-256 | ec2b41f1be4cf19047c4fa3acd9dd1f671c7454b455ba2e568edf51aebae1ffe; Download | Favorite | View

Ubuntu Security Notice USN-4467-1: Posted Aug 20, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4467-1 - Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. Eric Blake and Xueqiang Wei discovered that the QEMU NDB implementation incorrectly handled certain requests. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. Various other issues were also addressed.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2020-10756, CVE-2020-10761, CVE-2020-12829, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13765, CVE-2020-13800, CVE-2020-14415, CVE-2020-15863, CVE-2020-16092; SHA-256 | 9aa3179b34eb601658a9a487805ca5302a3e7b10616c6b4f88ebda6983d3906c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 226 files
Ubuntu 86 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,374)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,287)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,660)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

CVE-2020-1380

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems