CVE-2019-1238

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1239...

Microsoft Internet Explorer Remote Code Execution Vulnerability (CNVD-2019-35571)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from Microsoft Corporation.VBScript Engine is one of the VBScript scripting language engines. A remote code execution vulnerability exists in the way the VBScript Engine handles memory objects in Microsof...

August 17, 2019—KB4517276 (OS Build 10240.18308)

August 17, 2019—KB4517276 OS Build 10240.18308 For more information about the various types of Windows updates, such as critical, security, driver, service packs, etc., please see the following article. Improvements and fixes This non-security update includes quality improvements. Key changes...

July 16, 2019—KB4507463 (Preview of Monthly Rollup)

July 16, 2019—KB4507463 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4507448released July 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates time zone...

PT-2019-3048 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is caused by a buffer overflow in the VBScript script handler in Windows operating systems. This can be exploited by a remote attacker using a specially crafted web page or...

CVE-2019-0667

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772...

Microsoft Internet Explorer VBScript Engine Remote Memory Corruption Vulnerability (CNVD-2019-39018)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system. A memory corruption vulnerability exists in Microsoft IE 9, 10, and 11 that stems from a VBScript execution policy that does not strictly restrict VBScript.A remote attacker can exploit this vulnerabilit...

Microsoft Windows scripting engine information disclosure vulnerability

Microsoft Windows 7 SP1 is a series of operating systems released by Microsoft. scripting engine is one of the scripting engines. An information disclosure vulnerability exists in the scripting engine in Microsoft Windows. An attacker can exploit this vulnerability by constructing a specially...

India Goods and Services Tax Network (GSTN) Offline Utility Elevation of Privilege Vulnerability

A security vulnerability exists in GSTNofflinetool in the India Goods and Services Tax Network GSTN Offline Utility tool prior to version 1.2. A local attacker can exploit this vulnerability by replacing winstart-server.vbs with arbitrary VBScript code to gain privileges...

CVE-2017-0199: analysis Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

FireEye recently detected using CVE-2017-0199 security vulnerabilities malicious Microsoft Office RTF document, be aware of CVE-2017-0199, but had not been disclosed vulnerability. When the user opens that contains the exploit Code of the document, the malicious code will download and execute the...

CVE-2017-0199 Used as Zero Day to Distribute FINSPY Espionage Malware and LATENTBOT Cyber Crime Malware

FireEye recently identified a vulnerability – CVE-2017-0199 – that allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a Microsoft Office RTF document containing an embedded exploit. We worked with Microsoft and published the...

CVE-2016-3375

The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to...

CVE-2016-3248

The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...

Microsoft Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04792)

Microsoft Internet Explorer IE is a web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic web pages. JScript ...

Microsoft JScript and VBScript Scripting Engine Memory Corruption Vulnerability (CNVD-2016-03119)

Microsoft Internet Explorer IE is a web browser developed by Microsoft and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages.VBScript engines are one of the... VBScript engine. A memory corruption vulnerability...

Microsoft VBScript Arbitrary Code Execution Vulnerability

Microsoft VBScript is the United States Microsoft Microsoft company developed a scripting language, can be seen as a simplified version of the VB language. A memory corruption vulnerability exists in Microsoft Internet Explorer's VBScript and JScript, which could be exploited by a remote attacker...

CVE-2016-0002

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

Microsoft VBScript and JScript Scripting Engine Information Disclosure Vulnerability (CNVD-2015-08015)

Microsoft Internet Explorer IE is a web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic web pages. JScript ...

Microsoft VBScript and JScript Scripting Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE is a web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic web pages. JScript ...

Microsoft VBScript and JScript Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic Web pages. JScript ...