cve/2020/CVE-2020-0674.md

### [CVE-2020-0674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0674)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2010&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%20Server%202012&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%209&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)

### Description

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.

### POC

#### Reference
- http://packetstormsecurity.com/files/159137/Microsoft-Internet-Explorer-11-Use-After-Free.html
- http://packetstormsecurity.com/files/161309/Microsoft-Internet-Explorer-11-Use-After-Free.html
- http://packetstormsecurity.com/files/162565/Microsoft-Internet-Explorer-8-11-Use-After-Free.html

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/404notf0und/CVE-Flow
- https://github.com/5l1v3r1/CVE-2020-0674
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CnHack3r/Penetration_PoC
- https://github.com/EchoGin404/-
- https://github.com/EchoGin404/gongkaishouji
- https://github.com/GhostTroops/TOP
- https://github.com/JERRY123S/all-poc
- https://github.com/Ken-Abruzzi/CVE-2020-0674
- https://github.com/Micky-Thongam/Internet-Explorer-UAF
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/Neko-chanQwQ/CVE-2020-0674-PoC
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Tyro-Shan/gongkaishouji
- https://github.com/YIXINSHUWU/Penetration_Testing_POC
- https://github.com/ZTK-009/Penetration_PoC
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/binaryfigments/CVE-2020-0674
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/ernestang98/win-exploits
- https://github.com/forrest-orr/DoubleStar
- https://github.com/hasee2018/Penetration_Testing_POC
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/huike007/penetration_poc
- https://github.com/huike007/poc
- https://github.com/hwiwonl/dayone
- https://github.com/jbmihoub/all-poc
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/maxpl0it/CVE-2019-17026-Exploit
- https://github.com/maxpl0it/CVE-2020-0674-Exploit
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/password520/Penetration_PoC
- https://github.com/pentration/gongkaishouji
- https://github.com/sbroekhoven/CVE-2020-0674
- https://github.com/soosmile/POC
- https://github.com/suspiciousbytes/CVE-2020-0674
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/wugedz/CVEs
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yedada-wei/-
- https://github.com/yedada-wei/gongkaishouji
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-0674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0674)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2010&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011%20on%20Windows%20Server%202012&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%2011&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Internet%20Explorer%209&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)`

			`### Description`

			`A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/159137/Microsoft-Internet-Explorer-11-Use-After-Free.html`
			`- http://packetstormsecurity.com/files/161309/Microsoft-Internet-Explorer-11-Use-After-Free.html`
			`- http://packetstormsecurity.com/files/162565/Microsoft-Internet-Explorer-8-11-Use-After-Free.html`

			`#### Github`
			`- https://github.com/0xT11/CVE-POC`
			`- https://github.com/404notf0und/CVE-Flow`
			`- https://github.com/5l1v3r1/CVE-2020-0674`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CVEDB/top`
			`- https://github.com/CnHack3r/Penetration_PoC`
			`- https://github.com/EchoGin404/-`
			`- https://github.com/EchoGin404/gongkaishouji`
			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/JERRY123S/all-poc`
			`- https://github.com/Ken-Abruzzi/CVE-2020-0674`
			`- https://github.com/Micky-Thongam/Internet-Explorer-UAF`
			`- https://github.com/Mr-xn/Penetration_Testing_POC`
			`- https://github.com/Neko-chanQwQ/CVE-2020-0674-PoC`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/Tyro-Shan/gongkaishouji`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/YIXINSHUWU/Penetration_Testing_POC`
Update Mon May 27 13:12:02 UTC 2024 2024-05-27 13:12:02 +00:00			`- https://github.com/ZTK-009/Penetration_PoC`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/alphaSeclab/sec-daily-2020`
			`- https://github.com/binaryfigments/CVE-2020-0674`
			`- https://github.com/cyberanand1337x/bug-bounty-2022`
			`- https://github.com/developer3000S/PoC-in-GitHub`
Update CVE sources 2024-06-07 17:53 2024-06-07 17:53:02 +00:00			`- https://github.com/ernestang98/win-exploits`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/forrest-orr/DoubleStar`
			`- https://github.com/hasee2018/Penetration_Testing_POC`
			`- https://github.com/hectorgie/PoC-in-GitHub`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/huike007/penetration_poc`
			`- https://github.com/huike007/poc`
			`- https://github.com/hwiwonl/dayone`
			`- https://github.com/jbmihoub/all-poc`
			`- https://github.com/lions2012/Penetration_Testing_POC`
			`- https://github.com/maxpl0it/CVE-2019-17026-Exploit`
			`- https://github.com/maxpl0it/CVE-2020-0674-Exploit`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/password520/Penetration_PoC`
Update CVE sources 2024-08-12 19:01 2024-08-12 19:01:27 +00:00			`- https://github.com/pentration/gongkaishouji`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/sbroekhoven/CVE-2020-0674`
			`- https://github.com/soosmile/POC`
			`- https://github.com/suspiciousbytes/CVE-2020-0674`
			`- https://github.com/weeka10/-hktalent-TOP`
			`- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-`
			`- https://github.com/wugedz/CVEs`
			`- https://github.com/xuetusummer/Penetration_Testing_POC`
			`- https://github.com/yedada-wei/-`
			`- https://github.com/yedada-wei/gongkaishouji`