Test ID:	1.3.6.1.4.1.25623.1.0.816614
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (ADV200001)
Summary:	This host is missing a critical security; update according to Microsoft advisory ADV200001.
Description:	Summary: This host is missing a critical security update according to Microsoft advisory ADV200001. Vulnerability Insight: The flaw is due to the way that the scripting engine handles objects in memory in Internet Explorer. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user and execute arbitrary code. Affected Software/OS: Internet Explorer 9, 10 and 11 Solution: As a workaround restrict access to JScript.dll. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-0674 http://packetstormsecurity.com/files/159137/Microsoft-Internet-Explorer-11-Use-After-Free.html http://packetstormsecurity.com/files/161309/Microsoft-Internet-Explorer-11-Use-After-Free.html http://packetstormsecurity.com/files/162565/Microsoft-Internet-Explorer-8-11-Use-After-Free.html https://github.com/maxpl0it/CVE-2020-0674-Exploit https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.