Lucene search
K

5 matches found

seebug.org
seebug.org
added 2009/09/11 12:0 a.m.31 views

Microsoft JScript脚本引擎Arguments关键字内存破坏漏洞(MS09-045)

BUGTRAQ ID: 36224 CVECAN ID: CVE-2009-1920 JScript是一种解释性的基于对象的脚本语言。 JScript脚本引擎(JScript.dll)处理网页中脚本的方式存在远程代码执行漏洞。在解析jscript arguments关键字时,由于arguments对象在某一时间之前不可用,调用该对象可能导致内存破坏。 如果用户打开了特制文件或访问了运行脚本的特制网站,这个漏洞可能允许远程执行指令。 Microsoft JScript 5.8 Microsoft JScript 5.7 Microsoft JScript 5.6 Microsoft...

9.3CVSS6.6AI score0.21507EPSS
Exploits1
securityvulns
securityvulns
added 2009/09/09 12:0 a.m.60 views

ZDI-09-062: Microsoft Internet Explorer JScript arguments Invocation Memory Corruption Vulnerability

ZDI-09-062: Microsoft Internet Explorer JScript arguments Invocation Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-062 September 8, 2009 -- CVE ID: CVE-2009-1920 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- TippingPointTM...

9.3CVSS0.3AI score0.21507EPSS
Exploits1
CVE
CVE
added 2009/09/08 10:0 p.m.77 views

CVE-2009-1920

The CVE-2009-1920 vulnerability is a remote code execution flaw in the JScript scripting engine (JScript.dll) used by Internet Explorer. It arises from the engine’s handling of decoded scripts loaded into memory, where memory corruption can occur and allow arbitrary code execution when a user vis...

9.3CVSS7.5AI score0.21507EPSS
Exploits1References3Affected Software5
Check Point Advisories
Check Point Advisories
added 2009/09/08 12:0 a.m.1 views

JScript Scripting Engine Web Pages Decoding Code Execution (MS09-045; CVE-2009-1920)

JScript is an interpreted, object-based scripting language that is often used to make Web sites more flexible or interactive. A remote code execution vulnerability has been reported in the way that the JScript scripting engine decodes script in Web pages. The vulnerability is due to a memory...

9.3CVSS7.1AI score0.21507EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/09/08 12:0 a.m.22 views

MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)

The remote host is running a version of Windows that contains a flaw in its JScript scripting engine. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious JScript and enticing a victim to visit a web site or view a specially crafted email message. C...

9.3CVSS6.1AI score0.21507EPSS
Exploits1References2
Rows per page
Query Builder