Lucene search

PRIOn knowledge basePRION:CVE-2008-0083

HistoryApr 08, 2008 - 11:05 p.m.

Code injection

2008-04-0823:05:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.682 Medium

EPSS

Percentile

97.9%

JSON

The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors.

References

secunia.com/advisories/29712

www.securityfocus.com/bid/28551

www.securitytracker.com/id?1019799

www.us-cert.gov/cas/techalerts/TA08-099A.html

www.vupen.com/english/advisories/2008/1146/references

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-022

marc.info/?l=bugtraq&m=120845064910729&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5495

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.682 Medium

EPSS

Percentile

97.9%

JSON

Related for PRION:CVE-2008-0083