Internet Explorer Zero-Day Vulnerability Exploited by APT 37

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary North Korean hackers identified as APT37 exploited a previously unknown Internet Explorer zero-day vulnerability to infect South Koreans, North Korean defectors, policymakers, journalists, and human righ...

Microsoft Patch Tuesday November 2022: Exchange ProxyNotShell RCE, JScript9, MoTW, OpenSSL, Edge, CNG, Print Spooler

Hello everyone! This episode will be about Microsoft Patch Tuesday for November 2022, including vulnerabilities that were added between October and November Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Alternative video link for Russia: The most importan...

Microsoft addressed ProxyNotShell with November Patch Tuesday

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft addressed six zero-day vulnerabilities in this patch Tuesday, along with other significant vulnerabilities that could lead to Remote Code Execution, Information Disclosure, and Denial of...

Microsoft Patch Tuesday for November 2022 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update on Tuesday, disclosing 62 vulnerabilities. Of these vulnerabilities, 8 are classified as "Critical" and the rest are classified as "Important." Three of the critical entries are remote code execution RCE vulnerabilities for Windows Point-to-Point...

Microsoft Windows Scripting Languages Remote Code Execution Vulnerability

Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution...

Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed under a security manager.

Abstract IBM Tivoli Monitoring ships and uses a Java Runtime Environment JRE. This alert addresses several vulnerabilities for the Tivoli Enterprise Portal browser JRE which might allow remote untrusted Java WebStart applications and untrusted Java applets to affect confidentiality, availability...

September 27, 2021—KB5005619 (OS Build 20348.261) Preview

September 27, 2021—KB5005619 OS Build 20348.261 Preview Improvements and fixes This non-security update includes quality improvements. Key changes include: Addresses an issue that might prevent users from opening phone apps that are pinned to the taskbar. This issue occurs after they update to th...

Fuzzing Closed-Source JavaScript Engines with Coverage Feedback

Posted by Ivan Fratric, Project Zero tl;dr I combined Fuzzilli an open-source JavaScript engine fuzzer, with TinyInst an open-source dynamic instrumentation library for fuzzing. I also added grammar-based mutation support to Jackalope my black-box binary fuzzer. So far, these two approaches...

PT-2021-3315 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a memory corruption vulnerability in the scripting engine of Microsoft Windows, specifically in the jscript9.dll library. This vulnerability is caused by a...

Microsoft Internet Explorer jscript9.dll Memory Corruption Exploit

There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied. Internet Explorer:...

Internet Explorer jscript9.dll Memory Corruption

Internet Explorer: Memory corruption in jscript9.dll related to scope of the arguments object There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing attacker-controlled website in Internet Explorer. The vulnerability has been...

CVE-2021-26419

Scripting Engine Memory Corruption Vulnerability Recent assessments: architect00 at May 14, 2021 10:33am UTC reported: Details The vulnerability affects Internet Explorer 11 on all Windows Versions. It is located in the jscript9.dll library, which is used to execute javascript. Possible attack...

May 20, 2021—KB5003217 (OS Build 17763.1971) Preview

May 20, 2021—KB5003217 OS Build 17763.1971 Preview 5/11/21 REMINDER Windows 10, version 1809 reached end of service on May 11, 2021 for devices running the Enterprise, Education, and IoT Enterprise editions. After May 11, 2021, these devices will no longer receive monthly security and quality...

Microsoft Windows jscript9 RegExp.input Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the JIT...

Microsoft Windows JavaScript Array Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within jscript9. By...

Microsoft Internet Explorer jscript9 - Java­Script­Stack­Walker Memory Corruption (MS15-056)

Exploit for windows platform in category dos / poc var o­Window = window.open"about:blank"; o­Window.exec­Script'window.o­URIError = new URIError;o­URIError.name = o­URIError;' try "" + o­Window.o­URIError; catche try "" + o­Window.o­URIError; catche Description A Javascript can construct an...

Memory corruption

JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "JScript9 Memory Corruption Vulnerability."...

Microsoft Internet Explorer Jscript9 Memory Corruption (MS15-065: CVE-2015-2419)

A remote code execution vulnerability exists in the way that the JScript engine, when rendered in Internet Explorer, handles objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...

MS15-065: Security update for Internet Explorer: July 14, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution i...

(Pwn2Own) Microsoft Internet Explorer DataView Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within jscript9.dll...