Rewterz Threat Advisory – CVE-2019-19781 – Citrix Patches Flaw in Citrix ADC 11.1 and 12.0
January 20, 2020Rewterz Threat Alert – Emotet is Back from Holiday
January 20, 2020Rewterz Threat Advisory – CVE-2019-19781 – Citrix Patches Flaw in Citrix ADC 11.1 and 12.0
January 20, 2020Rewterz Threat Alert – Emotet is Back from Holiday
January 20, 2020Severity
High
Analysis Summary
The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
Impact
- Execute arbitrary code
- Privilege access
Affected Vendors
Microsoft
Affected Products
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
Remediation
Preventing the loading of the JScript.dll library can manually block the exploitation of this vulnerability.
For 32-bit systems:
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
For 64-bit systems:
takeown / f% windir% \ syswow64 \ jscript.dll
cacls% windir% \ syswow64 \ jscript.dll / E / P everyone: N
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N