Strike ID:
E19-0rao1
CVSS:
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
False Positive:
t
Variants:
1
Year:
2019

Description

This strike exploits a vulnerability in Microsoft Internet Explorer. By utilizing VBScript.Encode it is possible to bypass the MSHTML Security Zone security policy that is put in place to allow or restrict VBScript from execution.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}