MS15-053: Vulnerabilities in JScript and VBScript scripting engines could allow security feature bypass: May 12, 2015

This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows.SummaryThis security update resolves address space layout randomization ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows...

Microsoft Internet Explorer 5/6 GetObject File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3767/info A flaw exists in Microsoft Internet Explorer that may allow a remote attacker to view known files on a target system when a user views web content containing a specially crafted script. The problem occurs when t...

Internet Explorer 4.0,Outlook 2000/5.5 MSHTML.DLL Crash Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2202/info MSHTML.DLL is the shared library for parsing HTML in Internet Explorer and related applications. It may be possible for an attacker to crash this library remotely and cause a denial of service with special Jscri...

Firefox XPCOM Execute Command

This module runs a shell command on the target OS without touching the disk. On Windows, this command will flash the command prompt momentarily. This can be avoided by setting WSCRIPT to true, which drops a jscript "launcher" to disk that hides the prompt. This module requires Metasploit:...

[SECURITY] Fedora 18 Update: kdelibs3-3.5.10-53.fc18

Libraries for KDE 3: KDE Libraries included: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling checker, jscript javascript, kab addressbook, kimgio image manipulation...

[SECURITY] Fedora 17 Update: kdelibs3-3.5.10-53.fc17

Libraries for KDE 3: KDE Libraries included: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling checker, jscript javascript, kab addressbook, kimgio image manipulation...

[SECURITY] Fedora 19 Update: kdelibs3-3.5.10-53.fc19

Libraries for KDE 3: KDE Libraries included: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling checker, jscript javascript, kab addressbook, kimgio image manipulation...

Microsoft Internet Explorer JavaScript整数溢出代码执行漏洞

Bugtraq ID:54945 CVE ID:CVE-2012-2523 Microsoft Internet Explorer是一款流行的WEB浏览器。 在64位平台上的Microsoft Internet Explorer和JScript 5.8在对象拷贝过程中由于不正确的大小计算，可被攻击者利用触发整数溢出，攻击者构建恶意WEB页，诱使用户解析，可以应用程序上下文执行任意代码。 0 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息：...

Integer overflow

Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Overflow Remote Code Execution Vulnerability."...

MS12-056: Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2706045)

The installed versions of the JScript and VBScript scripting engines contain an integer overflow vulnerability that can occur when the scripting engines process a script in a web page and attempt to calculate the size of an object in memory during a copy operation. By tricking a user on the...

Microsoft JScript and VBScript Engines Remote Code Execution Vulnerability (2706045)

This host is missing an important security update according to Microsoft Bulletin MS12-056. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft VBScript And JScript Scripting Engines Integer Overflow Code Execution Vulnerability

Description Microsoft VBScript and JScript scripting engines are prone to a remote code-execution vulnerability due to an integer-overflow error. Attackers can leverage this issue by enticing unsuspecting users to view a malicious webpage. Successful exploits would allow arbitrary code to run wit...

Microsoft Windows multiple security vulnerabilities

SMB client and server memory corruption, Fax Cover Page Editor memory corruption, MFC library unsafe DLL loading, MHTML library information leak, GDI+ library integer overflow, DNS client memory corruption, memory corruption in .Net Framework, memory corruption in JScript / VBScript engines, stac...

CVE-2011-0663

Multiple integer overflows in the Microsoft 1 JScript 5.6 through 5.8 and 2 VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."...

Integer overflow

Multiple integer overflows in the Microsoft 1 JScript 5.6 through 5.8 and 2 VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."...

CVE-2011-0663

Multiple integer overflows in the Microsoft 1 JScript 5.6 through 5.8 and 2 VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."...

Microsoft JScript and VBScript Scripting Engines Remote Code Execution Vulnerability (2514666)

This host is missing a critical security update according to Microsoft Bulletin MS11-031. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2011-2540 · Microsoft · Jscript +1

Name of the Vulnerable Software and Affected Versions: Microsoft JScript versions 5.6 through 5.8 Microsoft VBScript versions 5.6 through 5.8 Description: The issue is related to multiple integer overflows in the scripting engines, which allow remote attackers to execute arbitrary code via a...

MS11-031: Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666)

The installed version of the JScript and VBScript scripting engines contains an integer overflow vulnerability that can occur when the scripting engines process a script in a web page and attempt to reallocate memory while decoding the script. If an attacker can trick a user on the affected syste...

Microsoft VBScript And JScript Scripting Engines Remote Code Execution Vulnerability

Description Microsoft VBScript and JScript scripting engines are prone to a remote code-execution vulnerability. Attackers can leverage this issue by enticing unsuspecting users to view a malicious webpage. Successful exploits would allow arbitrary code to run with the privileges of the currently...