CVE-2019-0768

MEDIUM

Internet Explorer - Security Feature Bypass via VBScript Execution Policy

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-0768. PoCs published by Google Security Research, ruthlezs.

AI-analyzed exploit summary This exploit bypasses the VBScript execution policy in IE11 by using the 'VBScript.Encode' language attribute instead of 'VBScript', which evades the security zone check in MSHTML. It demonstrates arbitrary code execution via a simple message box.

Description

A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Google Security Research · htmldoswindows

https://www.exploit-db.com/exploits/46567

View Code ZIP pw:eip

This exploit bypasses the VBScript execution policy in IE11 by using the 'VBScript.Encode' language attribute instead of 'VBScript', which evades the security zone check in MSHTML. It demonstrates arbitrary code execution via a simple message box.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Internet Explorer 11 on Windows 10 1809

No auth needed

Prerequisites: Victim must visit a malicious webpage using IE11 · Target system must be running Windows 10 1809 or a vulnerable version

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 9 stars

by ruthlezs · poc

https://github.com/ruthlezs/ie11_vbscript_exploit

View Code ZIP pw:eip

This is a Python script that generates an HTML file exploiting CVE-2019-0768 and CVE-2018-8174 in Internet Explorer 11 via VBScript. It uses Metasploit's msfvenom to generate a reverse TCP shell payload and embeds it in the HTML file for delivery.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Internet Explorer 11

No auth needed

Prerequisites: Metasploit · msfvenom · Python · Target using IE11

MITRE ATT&CK

T1189 - Drive-by Compromise T1059.005 - Visual Basic

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0768

Scores

CVSS v3 4.3

EPSS 0.8501

EPSS Percentile 99.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

CWE

CWE-20

Status published

Products (1)

microsoft/internet_explorer 11

Published Apr 09, 2019

Tracked Since Feb 18, 2026