Information disclosure

The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure Vulnerability."...

CVE-2016-0141

The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure Vulnerability."...

CVE-2016-0141

CVE-2016-0141 is a Microsoft Office information-disclosure vulnerability. The issue arises in Visual Basic macros for Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016, where saving a document exports a certificate-store private key. The underlying risk is exposure of the user’s private key to an att...

CVE-2016-3248

The Microsoft 1 JScript 9, 2 VBScript, and 3 Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting...

Microsoft Scripting Engine Memory Corruption Vulnerability (CNVD-2016-04792)

Microsoft Internet Explorer IE is a web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic web pages. JScript ...

Microsoft JScript and VBScript Scripting Engine Memory Corruption Vulnerability (CNVD-2016-03119)

Microsoft Internet Explorer IE is a web browser developed by Microsoft and is the default browser that comes with the Windows operating system.JScript is one of the interpreted object-based scripting languages.VBScript engines are one of the... VBScript engine. A memory corruption vulnerability...

Microsoft VBScript Arbitrary Code Execution Vulnerability

Microsoft VBScript is the United States Microsoft Microsoft company developed a scripting language, can be seen as a simplified version of the VB language. A memory corruption vulnerability exists in Microsoft Internet Explorer's VBScript and JScript, which could be exploited by a remote attacker...

CVE-2016-0012

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 20...

CVE-2016-0002

The Microsoft 1 VBScript 5.7 and 5.8 and 2 JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."...

Microsoft Visual Basic ASLR Bypass Vulnerability (3124585)

This host is missing an important security update according to Microsoft Bulletin MS16-004. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Patches Six Critical Flaws with January 2016 Updates

Microsoft released a scant nine bulletins today for Patch Tuesday, but six of them are marked critical and seven can lead to remote code execution. The updates, which address 25 vulnerabilities will be the last many who run Internet Explorer 8, 9, and 10 will receive unless they elect to update t...

Microsoft VBScript and JScript Scripting Engine Information Disclosure Vulnerability (CNVD-2015-08015)

Microsoft Internet Explorer IE is a web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic web pages. JScript ...

Microsoft VBScript and JScript Scripting Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE is a web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic web pages. JScript ...

Microsoft IE VBScript/JScript ASLR Bypass Vulnerability

Internet Explorer is a web browser from Microsoft. A security vulnerability exists in the implementation of Internet Explorer 8-11 and other products, VBScript 5.7/5.8, and JScript 5.7/5.8 engines. A remote attacker could bypass the ASLR protection mechanism by exploiting this vulnerability via a...

Microsoft VBScript and JScript Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE is a Web browser developed by Microsoft, and is the default browser that comes with the Windows operating system.Microsoft VBScript known as Visual Basic Script is a scripting language, and is also the default programming language for ASP dynamic Web pages. JScript ...

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability

Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. A remote code execution vulnerability exists in the VBScript and JScript engines in Microsoft IE version 8. An attacker exploiting...

Researchers Outline New Italian RAT uWarrior

Details have come to light about a new remote access Trojan called uWarrior that arrives embedded in a rigged .RTF document. Researchers with Palo Alto Networks’ research division, Unit 42, described the malware and how it appears to have emanated from an “unknown actor of Italian origin,” in a...

Microsoft VBScript Denial of Service Vulnerability

Microsoft VBScript is the United States Microsoft Microsoft company developed a scripting language, can be seen as a simplified version of the VB language. A denial of service vulnerability exists in Microsoft VBScript versions 5.6 through 5.8 that could allow a remote attacker to execute arbitra...

Microsoft Visual Basic VBE6.DLL Stack Memory Corruption (MS10-031) - Ver2 (CVE-2010-0815)

Microsoft Visual Basic VBA is a technology for developing client desktop packaged applications and integrating them with existing data and systems. Microsoft Office products include VBA and make use of VBA to perform certain functions. A remote code execution vulnerability has been reported in th...

Microsoft VBScript ASLR Bypass Vulnerability

Microsoft Internet Explorer is a WEB-based browser. An unspecified ASLR bypass vulnerability exists in Microsoft Internet Explorer, which allows remote attackers to exploit the vulnerability to construct a malicious WEB page that can be tricked into parsing, bypassing security restrictions, and...