CVE-2019-1221
HIGHInternet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2019-1221. PoCs published by edxsh.
AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2019-1221, targeting Internet Explorer 11 32-bit on Windows 10 x64 up to RS5. The exploit leverages VBScript.Encode (CVE-2019-0768) to bypass mitigations and executes `calc` using WinExec.
Description
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'.
Exploits (1)
This repository contains a proof-of-concept exploit for CVE-2019-1221, targeting Internet Explorer 11 32-bit on Windows 10 x64 up to RS5. The exploit leverages VBScript.Encode (CVE-2019-0768) to bypass mitigations and executes `calc` using WinExec.
References (1)
Scores
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H