KLA10739Code execution vulnerability in Microsoft VBScript

2016-01-12T00:00:00
ID KLA10739
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

01/12/2016

Severity:

High

Description:

Improper memory objects handling was found in Microsoft VBScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content.

Affected products:

Microsoft VBScript versions 5.7 and 5.8

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2016-0002

Impacts:

ACE

Related products:

Microsoft VBScript engine

CVE-IDS:

CVE-2016-00027.6High

Microsoft official advisories:

KB list:

3124266
3124263
3124275
3125540
3124624
3124625