Microsoft Windows VBScript Split Function Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...

Microsoft VBScript JScript engines memory corruption vulnerability

Microsoft VBScript is the United States Microsoft Microsoft company developed a scripting language, can be seen as a simplified version of the VB language. A memory corruption vulnerability exists in Microsoft VBScript JScript engines, which could allow remote attackers to execute arbitrary code ...

CVE-2015-6089

The Microsoft 1 VBScript and 2 JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

Memory corruption

The Microsoft 1 VBScript and 2 JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

CVE-2015-6089

The Microsoft 1 VBScript and 2 JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

CVE-2015-6089

CVE-2015-6089 describes a memory corruption vulnerability in Microsoft Internet Explorer’s VBScript/JScript engines (IE 8–11). The root cause is a memory allocation/handling flaw that can be exploited by a crafted webpage to achieve remote code execution or, per the threat landscape, memory corru...

Microsoft Windows VBScript Join Function Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code in applications using the VBScript scripting language running on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability i...

KLA10697 Multiple vulnerabilities in Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory objects access...

Slack: File upload XSS (Java applet) on http://slackatwork.com/

The web application supports file uploads and I was able to upload a Java Applet .class/.jar file. If a web browser loads a Java applet from a trusted site, the browser provides no security warning. If an attacker can upload a CLASS/JAR file with an applet, the file is executed even if the web...

Microsoft Windows multiple security vulnerabilities

Internet Explorer / Edge multiple security vulnerabilities, VBScript / Jscript code execution, Windows Shell code execution, kernel privilege escsalation...

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2015-06661)

Internet Explorer is a web browser from Microsoft. A security vulnerability exists in the implementation of Internet Explorer 9-11 and other products, VBScript and JScript engines. A remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service memory...

CVE-2015-6059

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...

CVE-2015-6056

The 1 JScript and 2 VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

CVE-2015-6055

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted Filter arguments, aka "Scripting Engine Memory Corrupti...

CVE-2015-6052

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."...

Information disclosure

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...

Memory corruption

The 1 JScript and 2 VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

Memory corruption

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted replace operation with a JavaScript regular expressio...

Memory corruption

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted Filter arguments, aka "Scripting Engine Memory Corrupti...

Security feature bypass

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."...