1197 matches found
WinRar 5.21 - SFX OLE Command Execution
!/usr/bin/python -w Title : WinRar SFX OLE Command Execution Date : 25/09/2015 Author : R-73eN Tested on : Windows Xp SP3 with WinRAR 5.21 Triggering the Vulnerability Run this python script Right click a file and then click on add to archive. check the 'Create SFX archive' box go to Advanced tab...
CVE-2015-2493
The 1 VBScript and 2 JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...
Memory corruption
The 1 VBScript and 2 JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...
CVE-2015-2493
CVE-2015-2493 affects Microsoft Internet Explorer (IE) engines VBScript and JScript in IE 8 (and IE 7–11 per related advisories). The vulnerability is a memory corruption flaw that can be exploited by a crafted web page to cause remote code execution or, per some sources, memory corruption leadin...
CVE-2015-2493
The 1 VBScript and 2 JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...
Microsoft Windows multiple security vulnerabilities
Internet Explorer and VBScript multiple security vulnerabilities, RDP code execution, Hyper-V code execution, multiple privilege escalations...
Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3076321)
This host is missing a critical security update according to Microsoft Bulletin MS15-065. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Windows VBScript Remote Code Execution Vulnerability (3072604)
This host is missing a critical security update according to Microsoft Bulletin MS15-066. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2015-2372
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "VBScript Memory Corruption Vulnerability."...
CVE-2015-2372
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "VBScript Memory Corruption Vulnerability."...
CVE-2015-2372
CVE-2015-2372 concerns vbscript.dll in Microsoft VBScript 5.6–5.8 used with Internet Explorer (IE 6–11) and related products. The vulnerability enables remote code execution or memory corruption via a crafted web site, due to memory corruption in VBScript as described in MS15-066. Connected sourc...
KLA10633 code execution vulnerability in Microsoft VBScript
An unspecified vulnerability was found in Microsoft VBScript. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web site. Original advisories CVE-2015-2372 Related products...
Microsoft VBScript CVE-2015-2372 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
MS15-066: Vulnerability in VBScript could allow remote code execution: July 14, 2015
Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user goes to a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.SummaryThis security update...
MS15-066: Description of the security update for the VBScript 5.8 scripting engine: July 14, 2015
Resolves a vulnerability in the VBScript scripting engine in Windows that could allow remote code execution if a user goes to a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.SummaryThis security update...
MS15-066: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604)
The VBScript scripting engine on the remote host is affected by a remote code execution vulnerability due to improper handling of objects in memory. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted website or open a specially crafted Microsoft...
VNC Keyboard Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/rfb' class Metasploit3 'VNC Keyboard Remote Code Execution', 'Description' = %q This module exploits VNC servers by sending virtual...
VBS-Obfuscator - VBScript obfuscation to allow PenTesters bypass countermeasures
VBScript obfuscation to allow PenTesters bypass countermeasures. Sample Script Output C:\toolspython obfuscator.py test.vbs out.vbs Char 109 - 5505-5396 Char 115 - 1113775/9685 Char 103 - 540853/5251 Char 98 - -2629+2727 Char 111 - 291-180 Char 120 - 826320/6886 Char 32 - 118016/3688 Char 34 -...
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
!/usr/bin/python import BaseHTTPServer, socket IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: function runmumaa On Error Resume Next set shell=createobject"Shel...
CVE-2015-1686
The Microsoft 1 VBScript 5.6 through 5.8 and 2 JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."...