CVE-2019-0666

EPSS 20.4%

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 20.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

08 Apr 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0667, CVE-2019-0772.

Affected products

Microsoft · Internet Explorer 10 Microsoft · Internet Explorer 11 Microsoft · Internet Explorer 9

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0666