17 matches found
CVE-2016-0189
CVE-2016-0189 is a memory-corruption flaw in Microsoft JScript/VBScript engines used by Internet Explorer 9–11 that attackers could trigger via crafted web content to achieve remote code execution or memory corruption. Connected sources show exploitation within exploit kits (notably Neutrino/Nept...
CVE-2016-0187
Technical details for CVE-2016-0187 are not provided in the connected documents. The sources discuss related CVEs (e.g., CVE-2016-0189) and EK activity, but no product/version/impact specifics or remediation for 2016-0187 are given.
CVE-2012-2523
The CVE-2012-2523 issue affects Internet Explorer 8/9 on 64-bit Windows, specifically JScript 5.8 and VBScript 5.8. The root cause is an integer overflow due to an incorrect size calculation during object copying, enabling remote code execution as described in MS12-056 (2706045). Public reference...
CVE-2016-3206
Affected software: Microsoft JScript 5.8 and VBScript 5.7/5.8 engines used by Internet Explorer 9–11 and related products. Concerning vulnerability: memory corruption in scripting engines that could allow remote code execution or a denial of service via a crafted web site (Scripting Engine Memory...
CVE-2016-3205
The CVEs (CVE-2016-3205, CVE-2016-3206, CVE-2016-3207) describe memory corruption in Microsoft’s JScript 5.8 and VBScript 5.7/5.8 engines used by Internet Explorer 9–11 and related products, enabling remote code execution or denial of service via a crafted webpage. Connected Microsoft MSKB update...
CVE-2016-3207
CVE-2016-3207 corresponds to a memory corruption vulnerability in Microsoft’s scripting engines (JScript 5.8 and VBScript 5.7/5.8) used by Internet Explorer 9–11 and related products. The issue allows remote code execution or denial of service via a crafted web site. Connected Microsoft KB/MSRC e...
CVE-2016-0002
Technical details for CVE-2016-0002 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2015-6059
The CVE-2015-6059 entry corresponds to an information-disclosure vulnerability in Microsoft’s VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could obtain sensitive information from process memory via a crafted web site (Scripting ...
CVE-2015-6136
The CVE-2015-6136 entry describes a memory corruption vulnerability in Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products, enabling remote code execution via a crafted webpage. Affected components: VBScript and JScript engines embedded in IE. ...
CVE-2016-3202
CVE-2016-3202 affects the Chakra JavaScript, JScript, and VBScript engines used by Internet Explorer 10/11 and Microsoft Edge. The vulnerability allows remote attackers to execute arbitrary code or cause memory corruption via a crafted web site (Scripting Engine Memory Corruption Vulnerability). ...
CVE-2015-2482
CVE-2015-2482 affects Microsoft VBScript/JScript engines (VBScript 5.7/5.8 and JScript 5.7/5.8) used in Internet Explorer 8–11 and related products. A crafted replace operation on a JavaScript RegExp can trigger memory corruption, enabling remote code execution or a denial of service. Connected s...
CVE-2015-6055
The CVE-2015-6055 issue affects the Microsoft scripting engines used by Internet Explorer (VBScript 5.7/5.8 and JScript 5.7/5.8) and is caused by memory corruption when processing crafted Filter arguments. This can allow remote code execution or memory corruption leading to a DoS; affected produc...
CVE-2015-6056
CVE-2015-6056 is an Internet Explorer scripting engine memory corruption vulnerability affecting IE9–IE11. The issue arises in the JScript/VBScript engines when processing a crafted web page, allowing remote code execution or memory corruption leading to a denial of service. Public exploit activi...
CVE-2015-6135
CVE-2015-6135 concerns Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used in Internet Explorer 8–11. The vulnerability allows a remote attacker to read sensitive data from process memory via a crafted web page, i.e., an information‑disclosure flaw. Affected component is the VBScript/JScr...
CVE-2015-6052
CVE-2015-6052 covers a security feature bypass in the VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could bypass ASLR via a crafted website. The issue is described as a VBScript/JScript ASLR bypass affecting IE components; relate...
CVE-2011-0663
CVE-2011-0663 concerns multiple integer overflow vulnerabilities in Microsoft JScript 5.6–5.8 and VBScript 5.6–5.8 scripting engines. A crafted web page can trigger memory corruption, allowing remote attackers to execute arbitrary code on affected Windows systems. Affected components include JScr...
CVE-2015-6089
CVE-2015-6089 describes a memory corruption vulnerability in Microsoft Internet Explorer’s VBScript/JScript engines (IE 8–11). The root cause is a memory allocation/handling flaw that can be exploited by a crafted webpage to achieve remote code execution or, per the threat landscape, memory corru...