Vulnerability in Microsoft Internet Explorer 11
CVE-2020-1064
A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'.
EPSS: 0.093 (92.9th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Internet Explorer 11 — versions Windows 10 Version 1803 for 32-bit Systems, Windows 10 Version 1803 for x64-based Systems, Windows 10 Version 1803 for ARM64-based Systems
- Microsoft Internet Explorer 11 On Windows 10 Version 1903 For 32-bit Systems — versions unspecified
- Microsoft Internet Explorer 11 On Windows 10 Version 1903 For Arm64-based Systems — versions unspecified
- Microsoft Internet Explorer 11 On Windows 10 Version 1903 For X64-based Systems — versions unspecified
- Microsoft Internet Explorer 11 On Windows 10 Version 1909 For 32-bit Systems — versions unspecified
- Microsoft Internet Explorer 11 On Windows 10 Version 1909 For Arm64-based Systems — versions unspecified
- Microsoft Internet Explorer 11 On Windows 10 Version 1909 For X64-based Systems — versions unspecified
- Microsoft Internet Explorer 11 On Windows Server 2012 — versions unspecified
- Microsoft Internet Explorer 9 — versions Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for x64-based Systems Service Pack 2
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1064 (x_refsource_MISC)