EUVD-1999-1074

Malware in sbrugna...

📄 Microsoft Windows Server 2025 JScript Engine Remote Code Execution

This proof of concept exploits a use-after-free vulnerability in jscript.dll to achieve code execution via heap spraying. The shellcode executes calc.exe as a demonstration of code execution. !/usr/bin/env python3 Exploit Title: Microsoft Windows Server 2025 JScript Engine - Remote Code Execution...

Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Microsoft Windows Server 2025 JScript Engine - Remote Code Execution RCE Exploit Author: Mohammed Idrees Banyamer Instagram: @@banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-05-31 CVE: CVE-2025-30397 Vendor: Microsoft Affected Versions: Windo...

Exploit for Type Confusion in Microsoft

CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Fre...

VulnCheck KEV: CVE-2016-3210

The Microsoft 1 JScript and 2 VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

Microsoft Internet Explorer 11 Use-After-Free

Exploit Title: Microsoft Internet Explorer 11 32-bit - Use-After-Free Date: 2021-02-05 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7...

Microsoft Internet Explorer Memory Corruption (CVE-2015-2419)

A remote code execution vulnerability exists in the way that the JScript engine, when rendered in Internet Explorer, handles objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...

PT-2019-3377 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: A remote code execution issue exists due to the way the scripting engine handles objects in memory. This could allow an attacker to execute arbitrary code in the context of the...

Microsoft Multiple Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04925)

Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with operating systems prior to Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript is...

Microsoft Multiple Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04926)

Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with operating systems prior to Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript is...

Microsoft Multiple Scripting Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with operating systems prior to Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript is...

CVE-2016-3207

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

CVE-2016-3206

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

CVE-2016-3202

The Microsoft 1 Chakra JavaScript, 2 JScript, and 3 VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruptio...

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04077)

Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages; VBScript Visual Basic Script is one of the scripting languages, and is also the defau...

Microsoft Scripting Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with the operating system before Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript i...

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04056)

Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages; VBScript Visual Basic Script is one of the scripting languages, and is also the defau...

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04052)

Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages; VBScript Visual Basic Script is one of the scripting languages, and is also the defau...

CVE-2016-0187

The Microsoft 1 JScript 5.8 and 2 VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a...

PT-2016-3361 · Microsoft · Vbscript Engine +3

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 9 through 11 JScript engine version 5.8 VBScript engine versions 5.7 and 5.8 Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...