ChakraCore RCE Vulnerability

The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...

ChakraCore RCE Vulnerability

The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memo...

GHSA-H6G3-73H7-CHXP ChakraCore RCE Vulnerability

The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memo...

Microsoft Internet Explorer Memory Corruption Vulnerability

The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service memory corruption via a crafted web site...

Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"...

Microsoft Internet Explorer / ActiveX Control - Security Bypass

Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt twitter.com/hyp3rlinx ISR:...

This New Stealthy JavaScript Loader Infecting Computers with Malware

Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans RATs and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for...

VulnCheck KEV: CVE-2016-3205

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

VulnCheck KEV: CVE-2016-3210

The Microsoft 1 JScript and 2 VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

VulnCheck KEV: CVE-2016-3206

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

VulnCheck KEV: CVE-2016-3207

The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption...

Microsoft Scripting Engine 缓冲区错误漏洞

Microsoft Scripting Engine is a tool from Microsoft Corporation USA that provides a scripting engine for JScript and VBScript. A buffer error vulnerability exists in Microsoft Microsoft Scripting Engine. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

MacOS Targeted in WildPressure APT Malware Campaign

Threat actors known as WildPressure have added a macOS malware variant to their latest campaign targeting energy sector businesses, while enlisting compromised WordPress websites to carry out attacks. Novel malware, initially identified in March 2020 and dubbed Milum, has now been retooled with a...

WildPressure APT Emerges With New Malware Targeting Windows and macOS

A malicious campaign that has set its sights on industrial-related entities in the Middle East since 2019 has resurfaced with an upgraded malware toolset to strike both Windows and macOS operating systems, symbolizing an expansion in both its targets and its strategy around distributing threats...

WildPressure targets the macOS platform

New findings Our previous story regarding WildPressure was dedicated to their campaign against industrial-related targets in the Middle East. By keeping track of their malware in spring 2021, we were able to find a newer version. It contains the C++ Milum Trojan, a corresponding VBScript variant...

Malicious Package

Overview ruby-bitcoin is a malicious package. Within version.rb, hidden obfuscated code is present which, on Windows systems, generates and runs a malicious VBScript theScore.vb. Note: The code present in this package is slightly different to the malicious package prettycolor. Remediation Avoid...

Malicious Package

Overview prettycolor is a malicious package. Within version.rb, obfuscated code can be found which, on Windows systems, generates and runs a malicious VBScript theScore.vbs. This script will: 1. Create drop another malicious VBScript at %PROGRAMDATA%\Microsoft Essentials\Software Essentials.vbs 2...

Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion

Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion Vendor: Sony Electronics Inc. Product web page: https://pro-bravia.sony.net https://pro-bravia.sony.net/resources/software/bravia-signage/ https://pro.sony/ueUS/products/display-software Affected version: =1.7.8 Summary: Sony...

Cross-Site Scripting in markdown-to-jsx

Versions of markdown-to-jsx prior to 6.11.4 are vulnerable to Cross-Site Scripting. Due to insufficient input sanitization the package may render output containing malicious JavaScript. This vulnerability can be exploited through input of links containing data or VBScript URIs and a base64-encode...

ezEmu - Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers ", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...