1197 matches found
CVE-2015-6135
The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...
Memory corruption
The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...
Information disclosure
The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...
CVE-2015-6136
The CVE-2015-6136 entry describes a memory corruption vulnerability in Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products, enabling remote code execution via a crafted webpage. Affected components: VBScript and JScript engines embedded in IE. ...
CVE-2015-6135
CVE-2015-6135 concerns Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used in Internet Explorer 8–11. The vulnerability allows a remote attacker to read sensitive data from process memory via a crafted web page, i.e., an information‑disclosure flaw. Affected component is the VBScript/JScr...
CVE-2015-6136
The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...
Microsoft Windows VBScript Multiple Remote Code Execution Vulnerabilities (3116178)
This host is missing an important security update according to Microsoft Bulletin MS15-126. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Internet Explorer Multiple Vulnerabilities (3116180)
This host is missing a critical security update according to Microsoft Bulletin MS15-124. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
KLA10719 Multiple vulnerabilities in Microsoft VBScript
Memory handling vulnerabilities were found in Microsoft VBScript. By exploiting these vulnerabilities malicious users can execute arbitrary code or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially designed web site. Original advisories CVE-2015-6135...
Microsoft Internet Explorer Scripting Engine Information Disclosure (MS15-124: CVE-2015-6135)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates BSTR objects. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
MS15-126: Cumulative security update for JScript and VBScript to address remote code execution: December 8, 2015
Fixes vulnerabilities in the VBScript scripting engine in Windows that could allow remote code execution if an attacker hosts a specially crafted website.SummaryThis security update fixes vulnerabilities in the VBScript scripting engine in Windows. The more severe of the vulnerabilities could all...
MS15-126: Description of the security update for VBScript 5.8: December 8, 2015
Fixes vulnerabilities in the VBScript scripting engine in Windows that could allow remote code execution if an attacker hosts a specially crafted website.SummaryThis security update fixes vulnerabilities in the VBScript scripting engine in Windows. The more severe of the vulnerabilities could all...
Microsoft Windows VBScript StrComp Function Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...
Microsoft Windows VBScript Filter Function Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...
Microsoft Windows VBScript Join Function Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...
Microsoft Windows VBScript InStr/InStrRev Functions Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...
Microsoft Windows VBScript InStrB Function Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...
Microsoft Windows VBScript CreateObject Function Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...
Microsoft VBScript and JScript CVE-2015-6135 Information Disclosure Vulnerability
Description Microsoft VBScript and JScript are prone to a remote information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. The following products are vulnerable: Internet Explorer 8, 9, 10, and 11 Microsoft...
Microsoft Windows VBScript Replace Function Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...