8 matches found
VBScript CRegExp::Execute Uninitialized Memory Use
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the fifth entry in that series. The below information is available in more detail on my blog at http://blog.skylined.nl/20161107001.html. There you can find a repro th...
CVE-2014-6363
creationtimestamp| type| source ---|---|--- 2016-11-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40721...
CVE-2014-6363
CVE-2014-6363 affects the Microsoft VBScript engine (versions 5.6–5.8) used with Internet Explorer and other products. The issue is a memory corruption vulnerability in VBScript CRegExp/engine handling that can allow remote code execution when a user visits a crafted web page. Exploitation is evi...
CVE-2014-6363
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "VBScript Memory Corruption Vulnerability."...
Microsoft Windows VBScript Remote Code Execution Vulnerability (3016711)
This host is missing a critical security update according to Microsoft Bulletin MS14-084. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft VBScript CVE-2014-6363 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
MS14-080: Cumulative Security Update for Internet Explorer (3008923)
The version of Internet Explorer installed on the remote host is missing Cumulative Security Update 3008923. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these by convincing a user to visit a...
Microsoft Internet Explorer VBScript Memory Corruption (MS14-080; CVE-2014-6363)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way that the VBScript engine handles objects in memory when rendered in Internet Explorer. A remote attacker can exploit this issue by enticing a user to open a specially crafte...