1197 matches found
Microsoft VBScript CVE-2016-3375 Remote Memory Corruption Vulnerability
Description Microsoft VBScript is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently...
Dropbox: XSS in OAuth Redirect Url
Hello guys, I found a XSS vulnerability in the OAuth Redirect Url parameter . So deep into the bug : Go to https://www.dropbox.com/developers/ Create an application In Redirect URIs , if you try to add javascript:alert1 it will tell you that javascript protocol is not accepted. But if you try to...
Internet Explorer 11 VBScript Engine Memory Corruption
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Internet Explorer 11 VBScript Engine Memory Corruption", 'Description' = %q This module exploits the memory corruption...
Internet Explorer 11 VBScript Engine Memory Corruption
This module exploits the memory corruption vulnerability CVE-2016-0189 present in the VBScript engine of Internet Explorer 11. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Internet Explorer ...
Malicious VBScript In HTML
A malicious Visual Basic Script VBS exists in an HTML-based web site. A remote attacker can exploit this issue by enticing a target user to open a specially crafted web page. Successful exploitation would allow an attacker to execute arbitrary code...
Cerber: Analyzing a Ransomware Attack Methodology To Enable Protection
Ransomware is a common method of cyber extortion for financial gain that typically involves users being unable to interact with their files, applications or systems until a ransom is paid. Accessibility of cryptocurrency such as Bitcoin has directly contributed to this ransomware model. Based on...
Microsoft Multiple Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04925)
Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with operating systems prior to Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript is...
Microsoft Multiple Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04926)
Microsoft Internet Explorer IE and Microsoft Edge are web browsers developed by Microsoft Corporation. The former is the default browser that comes with operating systems prior to Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10. JScript is...
CVE-2016-3271
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...
CVE-2016-3260
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memo...
CVE-2016-3259
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...
CVE-2016-3248
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...
Information disclosure
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...
Memory corruption
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...
Memory corruption
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memo...
CVE-2016-3204
The Microsoft 1 JScript 5.8 and 9 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...
CVE-2016-3204
The Microsoft 1 JScript 5.8 and 9 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...
CVE-2016-3259
The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...
CVE-2016-3260
The CVE-2016-3260 issue affects Microsoft’s scripting engines (JScript 9, VBScript, and Chakra) used by Internet Explorer 11 and Microsoft Edge. A memory corruption flaw in the engines could allow remote code execution or a denial of service when processing a crafted web site, as described in the...
CVE-2016-3204
CVE-2016-3204 involves a memory corruption vulnerability in Microsoft JScript 5.8/9 and VBScript 5.7/5.8 engines used by Internet Explorer 9–11 and related components. The flaw could allow remote code execution or a denial-of-service condition when a user visits a crafted website. Public details ...