23 matches found
CVE-2016-0189
CVE-2016-0189 is a memory-corruption flaw in Microsoft JScript/VBScript engines used by Internet Explorer 9–11 that attackers could trigger via crafted web content to achieve remote code execution or memory corruption. Connected sources show exploitation within exploit kits (notably Neutrino/Nept...
CVE-2016-0187
Technical details for CVE-2016-0187 are not provided in the connected documents. The sources discuss related CVEs (e.g., CVE-2016-0189) and EK activity, but no product/version/impact specifics or remediation for 2016-0187 are given.
CVE-2012-2523
The CVE-2012-2523 issue affects Internet Explorer 8/9 on 64-bit Windows, specifically JScript 5.8 and VBScript 5.8. The root cause is an integer overflow due to an incorrect size calculation during object copying, enabling remote code execution as described in MS12-056 (2706045). Public reference...
CVE-2016-3206
Affected software: Microsoft JScript 5.8 and VBScript 5.7/5.8 engines used by Internet Explorer 9–11 and related products. Concerning vulnerability: memory corruption in scripting engines that could allow remote code execution or a denial of service via a crafted web site (Scripting Engine Memory...
CVE-2016-3205
The CVEs (CVE-2016-3205, CVE-2016-3206, CVE-2016-3207) describe memory corruption in Microsoft’s JScript 5.8 and VBScript 5.7/5.8 engines used by Internet Explorer 9–11 and related products, enabling remote code execution or denial of service via a crafted webpage. Connected Microsoft MSKB update...
CVE-2016-3207
CVE-2016-3207 corresponds to a memory corruption vulnerability in Microsoft’s scripting engines (JScript 5.8 and VBScript 5.7/5.8) used by Internet Explorer 9–11 and related products. The issue allows remote code execution or denial of service via a crafted web site. Connected Microsoft KB/MSRC e...
CVE-2015-2372
CVE-2015-2372 concerns vbscript.dll in Microsoft VBScript 5.6–5.8 used with Internet Explorer (IE 6–11) and related products. The vulnerability enables remote code execution or memory corruption via a crafted web site, due to memory corruption in VBScript as described in MS15-066. Connected sourc...
CVE-2016-0002
Technical details for CVE-2016-0002 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2014-6363
CVE-2014-6363 affects the Microsoft VBScript engine (versions 5.6–5.8) used with Internet Explorer and other products. The issue is a memory corruption vulnerability in VBScript CRegExp/engine handling that can allow remote code execution when a user visits a crafted web page. Exploitation is evi...
CVE-2015-6059
The CVE-2015-6059 entry corresponds to an information-disclosure vulnerability in Microsoft’s VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could obtain sensitive information from process memory via a crafted web site (Scripting ...
CVE-2015-6136
The CVE-2015-6136 entry describes a memory corruption vulnerability in Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products, enabling remote code execution via a crafted webpage. Affected components: VBScript and JScript engines embedded in IE. ...
CVE-2016-3202
CVE-2016-3202 affects the Chakra JavaScript, JScript, and VBScript engines used by Internet Explorer 10/11 and Microsoft Edge. The vulnerability allows remote attackers to execute arbitrary code or cause memory corruption via a crafted web site (Scripting Engine Memory Corruption Vulnerability). ...
CVE-2015-2482
CVE-2015-2482 affects Microsoft VBScript/JScript engines (VBScript 5.7/5.8 and JScript 5.7/5.8) used in Internet Explorer 8–11 and related products. A crafted replace operation on a JavaScript RegExp can trigger memory corruption, enabling remote code execution or a denial of service. Connected s...
CVE-2015-0032
CVE-2015-0032 affects the Microsoft VBScript engine (versions 5.6–5.8) used with Internet Explorer 8–11. The memory-corruption vulnerability allows remote code execution or a DoS when a user visits a crafted website, due to how VBScript handles objects in memory. Affected products include Windows...
CVE-2015-1686
CVE-2015-1686 documents an ASLR bypass in Microsoft Internet Explorer's scripting engines: VBScript 5.6–5.8 and JScript 5.6–5.8 used in IE8–IE11 (and related products). The root cause is ASLR bypass capability within these engines when rendering a crafted web page, enabling potential arbitrary co...
CVE-2014-0271
The CVE-2014-0271 entry maps to a memory-corruption vulnerability in the VBScript engine used by Microsoft Internet Explorer (IE) 6–11 and VBScript 5.6–5.8. The root cause is memory handling flaws in VBScript that can be triggered by a crafted web site, enabling remote code execution or memory co...
CVE-2015-1684
CVE-2015-1684 affects the VBScript engine (VBScript.dll) in Microsoft VBScript 5.6–5.8 used by Internet Explorer 8–11. The issue is an ASLR bypass caused by memory handling during regex processing, enabling remote-style ASLR bypass via a crafted web page. Connected advisories confirm ASLR bypass ...
CVE-2015-6055
The CVE-2015-6055 issue affects the Microsoft scripting engines used by Internet Explorer (VBScript 5.7/5.8 and JScript 5.7/5.8) and is caused by memory corruption when processing crafted Filter arguments. This can allow remote code execution or memory corruption leading to a DoS; affected produc...
CVE-2015-6056
CVE-2015-6056 is an Internet Explorer scripting engine memory corruption vulnerability affecting IE9–IE11. The issue arises in the JScript/VBScript engines when processing a crafted web page, allowing remote code execution or memory corruption leading to a denial of service. Public exploit activi...
CVE-2015-6135
CVE-2015-6135 concerns Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used in Internet Explorer 8–11. The vulnerability allows a remote attacker to read sensitive data from process memory via a crafted web page, i.e., an information‑disclosure flaw. Affected component is the VBScript/JScr...
CVE-2015-6052
CVE-2015-6052 covers a security feature bypass in the VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could bypass ASLR via a crafted website. The issue is described as a VBScript/JScript ASLR bypass affecting IE components; relate...
CVE-2011-0663
CVE-2011-0663 concerns multiple integer overflow vulnerabilities in Microsoft JScript 5.6–5.8 and VBScript 5.6–5.8 scripting engines. A crafted web page can trigger memory corruption, allowing remote attackers to execute arbitrary code on affected Windows systems. Affected components include JScr...
CVE-2015-6089
CVE-2015-6089 describes a memory corruption vulnerability in Microsoft Internet Explorer’s VBScript/JScript engines (IE 8–11). The root cause is a memory allocation/handling flaw that can be exploited by a crafted webpage to achieve remote code execution or, per the threat landscape, memory corru...