Main Vulnerability Database Vulnerabilities #VU17953

#VU17953 Permissions, Privileges, and Access Controls in Microsoft Internet Explorer - CVE-2019-0768

Published: March 13, 2019 / Updated: June 17, 2021

Vulnerability identifier: #VU17953

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear

CVE-ID: CVE-2019-0768

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
Microsoft Internet Explorer

Software vendor:
Microsoft

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to incorrect implementation of the Internet Explorer VBScript execution policy. A remote attacker can create a specially crafted web page, trick the victim into visiting it and trigger the VBScript engine to send requests that should otherwise be ignored.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768

#VU17953 Permissions, Privileges, and Access Controls in Microsoft Internet Explorer - CVE-2019-0768

Description

Remediation

External links

Please verify you're human