Kaspersky LabKLA10633KLA10633 code execution vulnerability in Microsoft VBScript
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.266 Low
EPSS
Percentile
96.7%
Detect date:
07/14/2015
Severity:
High
Description:
An unspecified vulnerability was found in Microsoft VBScript. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web site.
Affected products:
Microsoft VBScript versions from 5.6 through 5.8
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2015-23729.3Critical
Microsoft official advisories:
KB list:
References
support.microsoft.com/kb/3065822
support.microsoft.com/kb/3068364
support.microsoft.com/kb/3068368
support.microsoft.com/kb/3068404
support.microsoft.com/kb/3072604
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2372
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2372
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-VBScript-engine/
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.266 Low
EPSS
Percentile
96.7%