Microsoft Windows Multiple Vulnerabilities (KB4015583)

This host is missing an important security update according to Microsoft security update KB4015067. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Microsoft Windows Multiple Vulnerabilities (KB4015219)

This host is missing an important security update according to Microsoft security update KB4015219. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-0158)

A Use-After-Free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates the assignment of dynamic-array variables. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

KB4015219: Windows 10 Version 1511 April 2017 Cumulative Update

The remote Windows 10 version 1511 host is missing security update KB4015219. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...

KB4015221: Windows 10 Version 1507 April 2017 Cumulative Update

The remote Windows 10 Version 1507 host is missing security update KB4015221. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...

CVE-2017-0049

The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0018, and...

CVE-2017-0049

The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0018, and...

March 14, 2017—KB4013429 (OS Build 14393.953)

March 14, 2017—KB4013429 OS Build 14393.953 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed known issue called out in KB3213986. Users may experience delays while running 3D...

VBScript 5.8.7600.16385 / 5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read Exploit

Exploit for windows platform in category dos / poc !-- Source: http://blog.skylined.nl/20161108001.html Synopsis A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to run such a script in any...

VBScript 5.8.7600.163855.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read

VBScript 5.8.7600.163855.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read !-- Source: http://blog.skylined.nl/20161108001.html Synopsis A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to...

Internet Explorer 11 VBScript Engine Memory Corruption

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Internet Explorer 11 VBScript Engine Memory Corruption", 'Description' = %q This module exploits the memory corruption...

Internet Explorer 11 VBScript Engine Memory Corruption

This module exploits the memory corruption vulnerability CVE-2016-0189 present in the VBScript engine of Internet Explorer 11. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Internet Explorer ...

Microsoft Multiple Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04925)

Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with operating systems prior to Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript is...

Microsoft Scripting Engine Information Disclosure Vulnerability

Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.VBScript or Visual Basic Script is one of the scripting languages and is the default programming language for ASP dynamic web pages. An information disclosure...

Microsoft Multiple Scripting Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with operating systems prior to Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript is...

CVE-2016-3207

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

CVE-2016-3205

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

CVE-2016-3202

The Microsoft 1 Chakra JavaScript, 2 JScript, and 3 VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruptio...

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04077)

Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages; VBScript Visual Basic Script is one of the scripting languages, and is also the defau...

Microsoft Scripting Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with the operating system before Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript i...