1197 matches found
KLA11354 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An information...
KB4467703: Windows 8.1 and Windows Server 2012 R2 November 2018 Security Update
The remote Windows host is missing security update 4467703 or cumulative update 4467697. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...
KB4467106: Windows 7 and Windows Server 2008 R2 November 2018 Security Update
The remote Windows host is missing security update 4467106 or cumulative update 4467107. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...
KB4467678: Windows Server 2012 November 2018 Security Update
The remote Windows host is missing security update 4467678 or cumulative update 4467701. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...
The Windows VBScript Engine RCE vulnerability of CVE-2018-8174 analysis and use-vulnerability and early warning-the black bar safety net
A, vulnerability introduction The VBScript Engine handles objects in memory there is a remote code execution vulnerability. The vulnerability could an attacker can in the current context of the user in the execution of arbitrary code in the way to spoil the memory. Successful exploitation of this...
Microsoft Windows VBScript Class_Terminate MSXML6 Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
July 12, 2016 — KB3163912 (OS Build 10240.17024)
July 12, 2016 — KB3163912 OS Build 10240.17024 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Windows Explorer, and Windows Update. Fixed issue i...
Microsoft Windows Defender AV: Impede JavaScript and VBScript to launch executables
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavimpedejsvbsexec.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Configure Attack Surface Reduction rules: Impede JavaScript and VBScript to launch executables Authors: Emanuel Moss Copyright: Copyright c 2018...
Microsoft Windows VBScript Engine Remote Code Execution (CVE-2018-8373)
A remote code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an improper handling of objects in memory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Darkhotel Exploits Microsoft Zero-Day VBScript Flaw
Researchers have discovered that the Darkhotel APT is exploiting a recently-patched zero-day vulnerability impacting Microsoft VBScript. Researchers at Trend Micro recently disclosed the flaw in Microsoft Visual Basic Scripting Engine VBScript, an active scripting language developed by Microsoft...
Use CVE-2018-8373 0day vulnerabilities the attacks the Darkhotel gang-related analysis-vulnerability warning-the black bar safety net
Background 2018 8 on 15 May, the network security company Trend Micro disclosed its in this year 7 month to capture an example in the wild 0day vulnerability to attack, the attack uses the Windows VBScript Engine code execution vulnerability, through the analysis and comparison found that the 0da...
Microsoft Windows VBScript Array Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Windows VBScript Class_Terminate Use After Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
PT-2018-1466 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Microsoft Windows affected versions not specified Description: The issue is caused by a buffer overflow in the JavaScript handler of Internet Explorer, allowing a remote attacker to execute...
VBScript Malicious Obfuscation Technique
This protection will detect and block attempts to circumvent IPS using VBscript obfuscation schemes...
Microsoft Windows VBScript Class_Terminate Double Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Delving deep into VBScript
In late April we found and wrote a description of CVE-2018-8174, a new zero-day vulnerability for Internet Explorer that was picked up by our sandbox. The vulnerability uses a well-known technique from the proof-of-concept exploit CVE-2014-6332 that essentially "corrupts" two memory objects and...
Microsoft Windows VBScript Class_Terminate Invalid Object Access Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Windows VBScript Class_Terminate Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Windows VBScript Class_Terminate Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...