Vulnerability identifier: #VU24384

Vulnerability risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2020-0674

CWE-ID: CWE-119

Exploitation vector: Network

Exploits in database: 12

• December 13, 2023
  • Internet-Explorer-UAF (Porting the CVE-2020-0674 exploit for Windows8.1 and Windows10) [Github]
• July 26, 2021
  • CVE-2020-0674-PoC (随便放点自己弄的小东西) [Github]
• July 4, 2021
  • CVE-2020-0674-PoC (随便放点自己弄的小东西) [Github]
• June 17, 2021
  • Microsoft Internet Explorer 11 - Use-After-Free [Exploit-DB]
  • Microsoft Internet Explorer 11 32-bit - Use-After-Free [Exploit-DB]
• May 20, 2021
  • Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free [Exploit-DB]
• February 12, 2021
  • Microsoft Internet Explorer 11 Use-After-Free [Packet Storm]
• September 30, 2020
  • CVE-2020-0674 () [Github]
• September 14, 2020
  • Internet Explorer 11 - Use-After-Free [Exploit-DB]
• August 21, 2020
  • CVEs (Some exploits and pocs.) [Github]
• June 3, 2020
  • CVE-2020-0674 (Info about CVE-2020-0674) [Github]
• May 8, 2020
  • CVE-2020-0674-Exploit (This is an exploit for CVE-2020-0674 that runs on the x64 version of IE 8, 9, 10, and 11 on Windows 7.) [Github]

Impact: Code execution

Vulnerable software:
Microsoft Internet Explorer
Client/Desktop applications / Web browsers

Vendor: Microsoft