CVE-2015-2482

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted replace operation with a JavaScript regular expressio...

CVE-2015-6052

CVE-2015-6052 covers a security feature bypass in the VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could bypass ASLR via a crafted website. The issue is described as a VBScript/JScript ASLR bypass affecting IE components; relate...

CVE-2015-2482

CVE-2015-2482 affects Microsoft VBScript/JScript engines (VBScript 5.7/5.8 and JScript 5.7/5.8) used in Internet Explorer 8–11 and related products. A crafted replace operation on a JavaScript RegExp can trigger memory corruption, enabling remote code execution or a denial of service. Connected s...

CVE-2015-6059

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...

CVE-2015-6055

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted Filter arguments, aka "Scripting Engine Memory Corrupti...

CVE-2015-6052

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."...

CVE-2015-6056

CVE-2015-6056 is an Internet Explorer scripting engine memory corruption vulnerability affecting IE9–IE11. The issue arises in the JScript/VBScript engines when processing a crafted web page, allowing remote code execution or memory corruption leading to a denial of service. Public exploit activi...

CVE-2015-6059

The CVE-2015-6059 entry corresponds to an information-disclosure vulnerability in Microsoft’s VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could obtain sensitive information from process memory via a crafted web site (Scripting ...

CVE-2015-6055

The CVE-2015-6055 issue affects the Microsoft scripting engines used by Internet Explorer (VBScript 5.7/5.8 and JScript 5.7/5.8) and is caused by memory corruption when processing crafted Filter arguments. This can allow remote code execution or memory corruption leading to a DoS; affected produc...

CVE-2015-6056

The 1 JScript and 2 VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

Microsoft Windows JScript and VBScript Remote Code Execution Vulnerability (3089659)

This host is missing a critical security update according to Microsoft Bulletin MS15-108. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft VBScript and JScript CVE-2015-6059 Information Disclosure Vulnerability

Description Microsoft VBScript and JScript are prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in further...

MS15-108: Security update for JScript and VBScript to address remote code execution: October 13, 2015

Resolves vulnerabilities in the VBScript and JScript scripting engines in Windows that could allow remote code execution.SummaryThis security update resolves vulnerabilities in the VBScript and JScript scripting engines in Windows. The more severe of these vulnerabilities could allow remote code...

Microsoft VBScript and JScript ASLR Bypass (MS15-106: CVE-2015-6052)

A security feature bypass vulnerability has been discovered in JScript and VBScript scripting engines. The vulnerability is due to the way that the VBScript scripting engine uses the Address Space Layout Randomization ASLR security feature. A remote attacker can exploit this issue by enticing a...

Microsoft VBScript and JScript CVE-2015-6052 ASLR Security Bypass Vulnerability

Description Microsoft VBScript and JScript are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Internet Explorer...

Microsoft VBScript and JScript CVE-2015-2482 Remote Memory Corruption Vulnerability

Description Microsoft VBScript and JScript are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...

Microsoft VBScript and JScript CVE-2015-6055 Multiple Remote Memory Corruption Vulnerabilities

Description Microsoft VBScript and JScript are prone to multiple remote memory-corruption vulnerabilities. Attackers can exploit these issues by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit these issues to execute arbitrary code in the context of the...

KLA10676 Multiple vulnerabilities in Microsoft JScript and VBScript

Multiple serious vulnerabilities have been found in Microsoft JScript and VBScript. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improperly handling objects...

Microsoft Windows VBScript Filter Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code in applications using the VBScript scripting language running on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability i...

MS15-108: Security Update for JScript and VBScript to Address Remote Code Execution (3089659)

The VBScript and JScript engines on the remote host are affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist in the VBScript and JScript engines due to improper handling of objects in memory. A remote attacker can exploit these vulnerabilities by convincin...