Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (MS16-051)

🗓️ 22 Jun 2016 00:00:00Reported by Brian PakType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 670 Views

Microsoft Internet Explorer 11 (Windows 10) VBScript Memory Corruption (MS16-051) exploi

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (M
22 Jun 201600:00
zdt
GithubExploit		Exploit for Out-of-bounds Write in Microsoft
25 Jun 201601:48
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Microsoft
22 Jun 201623:03
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Microsoft
29 Apr 202620:50
githubexploit
ATTACKERKB		CVE-2016-0189
11 May 201600:00
attackerkb
ATTACKERKB		CVE-2016-0187
11 May 201600:00
attackerkb
Circl		CVE-2016-0189
2 Oct 201616:51
circl
CISA KEV Catalog		Microsoft Internet Explorer Memory Corruption Vulnerability
28 Mar 202200:00
cisa_kev
CNVD		Microsoft JScript and VBScript Scripting Engine Memory Corruption Vulnerability (CNVD-2016-03119)
12 May 201600:00
cnvd
Check Point Advisories		Microsoft Internet Explorer Memory Corruption (MS16-051: CVE-2016-0189)
10 May 201600:00
checkpoint_advisories
Rows per page
Source: https://github.com/theori-io/cve-2016-0189

# CVE-2016-0189
Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)

Tested on Windows 10 IE11.

### Write-up
http://theori.io/research/cve-2016-0189

### To run
1. Download `support/*.dll` (or compile \*.cpp for yourself) and `exploit/*.html` to a directory.
2. Serve the directory using a webserver (or python's simple HTTP server).
3. Browse with a victim IE to `vbscript_bypass_pm.html`.
4. (Re-fresh or re-open in case it doesn't work; It's not 100% reliable.)

Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40118.zip

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
22 Jun 2016 00:00Current
7.9High risk
Vulners AI Score7.9
CVSS 3.17.5
CVSS 27.6
EPSS0.90799
SSVC
microsoftinternet explorerwindows 10vbscriptmemory corruptionms16-051cve-2016-0189proof-of-conceptexploittheori ioexploit-db mirror
670