Lucene search
K

5 matches found

seebug.org
seebug.org
added 2017/12/20 12:0 a.m.54 views

Windows: use-after-free in jscript!NameTbl::GetValDef(CVE-2017-11903)

There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this issue by posing as a WPAD Web Proxy Auto-Discovery host and sending a malicious wpad.dat file to the victim. This works...

7.6CVSS7.8AI score0.46179EPSS
Exploits4
exploitpack
exploitpack
added 2017/12/19 12:0 a.m.13 views

Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free

Microsoft Windows - jscript!NameTbl::GetValDef Use-After-Free var vars = new Array100; forvar i=0;i !-- ============================================ PoC for WPAD might require page heap to trigger the crash: ============================================ function...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/12/19 12:0 a.m.15 views

Microsoft Windows - jscript!JsArraySlice Uninitialized Variable

Microsoft Windows - jscript!JsArraySlice Uninitialized Variable var x = new URIErrornew Array, undefined, undefined; String.prototype.localeCompare.callx, new Date0, 0, 0, 0, 0, 0, undefined; Array.prototype.slice.call1; !-- ============================================ Technical details: The issu...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2017/12/18 12:0 a.m.53 views

WIndows jscript!JsArraySlice Uninitialized Variable

Windows: Uninitialized variable in jscript!JsArraySlice CVE-2017-11855 There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - By opening a malicious web page in Internet Explorer. - currently untested An attacker on t...

7.6CVSS0.5AI score0.47913EPSS
Exploits4
Packet Storm
Packet Storm
added 2017/12/18 12:0 a.m.48 views

Windows jscript!NameTbl::GetValDef Use-After-Free

Windows: use-after-free in jscript!NameTbl::GetValDef CVE-2017-11903 There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this issue by posing as a WPAD Web Proxy Auto-Discovery...

0.4AI score0.46179EPSS
Exploits4
Rows per page
Query Builder