Lucene search
K

17 matches found

seebug.org
seebug.org
added 2018/02/24 12:0 a.m.91 views

IE11: Use-after-free in Js::RegexHelper::RegexReplace(CVE-2018-0866)

There is a Use-after-free vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. Note that the PoC was tested in a 64-bit tab process via TabProcGrowth=0 registry flag and the pag...

7.8AI score0.44265EPSS
Exploits4
seebug.org
seebug.org
added 2018/02/24 12:0 a.m.82 views

IE11: Use-after-free in String.lastIndexOf(CVE-2018-0866)

There is a Use-after-free vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. PoC: var vars = new Array2; function main vars0 = new Array1000000; vars1 =...

7.7AI score0.44265EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/02/22 12:0 a.m.63 views

Microsoft IE11 Js::RegexHelper::RegexReplace Use-After-Free

IE11: Use-after-free in Js::RegexHelper::RegexReplace CVE-2018-0866 There is a Use-after-free vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. Note that the PoC was tested i...

7.5AI score0.44265EPSS
Exploits4
Circl
Circl
added 2018/02/20 12:0 a.m.11 views

CVE-2018-0866

creationtimestamp| type| source ---|---|--- 2018-02-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44153...

9.3CVSS7.6AI score0.44265EPSS
Exploits4References1
Prion
Prion
added 2018/02/15 2:29 a.m.22 views

Memory corruption

Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836,...

9.3CVSS7.3AI score0.65858EPSS
Exploits21References3
Prion
Prion
added 2018/02/15 2:29 a.m.24 views

Memory corruption

Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-083...

7.6CVSS7.3AI score0.65858EPSS
Exploits21References3
OpenVAS
OpenVAS
added 2018/02/14 12:0 a.m.269 views

Microsoft Windows Multiple Vulnerabilities (KB4074590)

This host is missing a critical security update according to Microsoft KB4074590 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.65858EPSS
Exploits33References1
OpenVAS
OpenVAS
added 2018/02/14 12:0 a.m.80 views

Microsoft Windows Multiple Vulnerabilities (KB4074591)

This host is missing a critical security update according to Microsoft KB4074591 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.65858EPSS
Exploits33References1
OpenVAS
OpenVAS
added 2018/02/14 12:0 a.m.150 views

Microsoft Windows Internet Explorer Multiple RCE Vulnerabilities (KB4074736)

This host is missing a critical security update according to Microsoft KB4074736 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS7.5AI score0.53715EPSS
Exploits6References1
Kaspersky
Kaspersky
added 2018/02/13 12:0 a.m.693 views

KLA11199 Multiple vulnerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge c...

9.3CVSS8.2AI score0.65858EPSS
Exploits21References32
Symantec
Symantec
added 2018/02/13 12:0 a.m.42 views

Microsoft Internet Explorer Scripting Engine CVE-2018-0866 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10 and 11 are...

0.2AI score0.44265EPSS
Exploits4Affected Software1
Check Point Advisories
Check Point Advisories
added 2018/02/13 12:0 a.m.11 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-0866)

A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.7AI score0.44265EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.79 views

Security Updates for Internet Explorer (February 2018)

The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could...

9.3CVSS8.2AI score0.53715EPSS
Exploits6References6
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.64 views

KB4074591: Windows 10 Version 1511 February 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4074591. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose...

9.3CVSS8.2AI score0.93838EPSS
Exploits46References29
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.66 views

KB4074592: Windows 10 Version 1703 February 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4074592. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose...

9.3CVSS8.2AI score0.93838EPSS
Exploits47References38
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.111 views

KB4074589: Windows Server 2012 February 2018 Security Update

The remote Windows host is missing security update 4074589 or cumulative update 4074593. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...

9.3CVSS7.9AI score0.53715EPSS
Exploits7References16
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.96 views

KB4074587: Windows 7 and Windows Server 2008 R2 February 2018 Security Update

The remote Windows host is missing security update 4074587 or cumulative update 4074598. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...

9.3CVSS7.8AI score0.53715EPSS
Exploits6References18
Rows per page
Query Builder