Lucene search
K

8 matches found

Packet Storm
Packet Storm
added 2016/11/07 12:0 a.m.87 views

VBScript CRegExp::Execute Uninitialized Memory Use

Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the fifth entry in that series. The below information is available in more detail on my blog at http://blog.skylined.nl/20161107001.html. There you can find a repro th...

9.3CVSS0.4AI score0.28442EPSS
Exploits2
Circl
Circl
added 2016/11/07 12:0 a.m.16 views

CVE-2014-6363

creationtimestamp| type| source ---|---|--- 2016-11-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40721...

9.3CVSS6.8AI score0.28442EPSS
Exploits2References1
CVE
CVE
added 2014/12/11 12:0 a.m.88 views

CVE-2014-6363

CVE-2014-6363 affects the Microsoft VBScript engine (versions 5.6–5.8) used with Internet Explorer and other products. The issue is a memory corruption vulnerability in VBScript CRegExp/engine handling that can allow remote code execution when a user visits a crafted web page. Exploitation is evi...

9.3CVSS7.6AI score0.28442EPSS
Exploits2References4Affected Software2
Cvelist
Cvelist
added 2014/12/11 12:0 a.m.56 views

CVE-2014-6363

vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "VBScript Memory Corruption Vulnerability."...

8.7AI score0.28442EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2014/12/10 12:0 a.m.49 views

Microsoft Windows VBScript Remote Code Execution Vulnerability (3016711)

This host is missing a critical security update according to Microsoft Bulletin MS14-084. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS5AI score0.28442EPSS
Exploits2References7
Symantec
Symantec
added 2014/12/09 12:0 a.m.63 views

Microsoft VBScript CVE-2014-6363 Remote Code Execution Vulnerability

Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...

9.3CVSS9.4AI score0.28442EPSS
Exploits2Affected Software12
Tenable Nessus
Tenable Nessus
added 2014/12/09 12:0 a.m.66 views

MS14-080: Cumulative Security Update for Internet Explorer (3008923)

The version of Internet Explorer installed on the remote host is missing Cumulative Security Update 3008923. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these by convincing a user to visit a...

9.3CVSS5.5AI score0.28442EPSS
Exploits9References15
Check Point Advisories
Check Point Advisories
added 2014/12/09 12:0 a.m.43 views

Microsoft Internet Explorer VBScript Memory Corruption (MS14-080; CVE-2014-6363)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way that the VBScript engine handles objects in memory when rendered in Internet Explorer. A remote attacker can exploit this issue by enticing a user to open a specially crafte...

9.3CVSS6.9AI score0.28442EPSS
Exploits2
Rows per page
Query Builder