12 matches found
CVE-2015-2372
CVE-2015-2372 concerns vbscript.dll in Microsoft VBScript 5.6–5.8 used with Internet Explorer (IE 6–11) and related products. The vulnerability enables remote code execution or memory corruption via a crafted web site, due to memory corruption in VBScript as described in MS15-066. Connected sourc...
CVE-2015-6136
The CVE-2015-6136 entry describes a memory corruption vulnerability in Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products, enabling remote code execution via a crafted webpage. Affected components: VBScript and JScript engines embedded in IE. ...
CVE-2015-2482
CVE-2015-2482 affects Microsoft VBScript/JScript engines (VBScript 5.7/5.8 and JScript 5.7/5.8) used in Internet Explorer 8–11 and related products. A crafted replace operation on a JavaScript RegExp can trigger memory corruption, enabling remote code execution or a denial of service. Connected s...
CVE-2015-6059
The CVE-2015-6059 entry corresponds to an information-disclosure vulnerability in Microsoft’s VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could obtain sensitive information from process memory via a crafted web site (Scripting ...
CVE-2015-1686
CVE-2015-1686 documents an ASLR bypass in Microsoft Internet Explorer's scripting engines: VBScript 5.6–5.8 and JScript 5.6–5.8 used in IE8–IE11 (and related products). The root cause is ASLR bypass capability within these engines when rendering a crafted web page, enabling potential arbitrary co...
CVE-2015-0032
CVE-2015-0032 affects the Microsoft VBScript engine (versions 5.6–5.8) used with Internet Explorer 8–11. The memory-corruption vulnerability allows remote code execution or a DoS when a user visits a crafted website, due to how VBScript handles objects in memory. Affected products include Windows...
CVE-2015-6055
The CVE-2015-6055 issue affects the Microsoft scripting engines used by Internet Explorer (VBScript 5.7/5.8 and JScript 5.7/5.8) and is caused by memory corruption when processing crafted Filter arguments. This can allow remote code execution or memory corruption leading to a DoS; affected produc...
CVE-2015-6056
CVE-2015-6056 is an Internet Explorer scripting engine memory corruption vulnerability affecting IE9–IE11. The issue arises in the JScript/VBScript engines when processing a crafted web page, allowing remote code execution or memory corruption leading to a denial of service. Public exploit activi...
CVE-2015-6135
CVE-2015-6135 concerns Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used in Internet Explorer 8–11. The vulnerability allows a remote attacker to read sensitive data from process memory via a crafted web page, i.e., an information‑disclosure flaw. Affected component is the VBScript/JScr...
CVE-2015-1684
CVE-2015-1684 affects the VBScript engine (VBScript.dll) in Microsoft VBScript 5.6–5.8 used by Internet Explorer 8–11. The issue is an ASLR bypass caused by memory handling during regex processing, enabling remote-style ASLR bypass via a crafted web page. Connected advisories confirm ASLR bypass ...
CVE-2015-6052
CVE-2015-6052 covers a security feature bypass in the VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could bypass ASLR via a crafted website. The issue is described as a VBScript/JScript ASLR bypass affecting IE components; relate...
CVE-2015-6089
CVE-2015-6089 describes a memory corruption vulnerability in Microsoft Internet Explorer’s VBScript/JScript engines (IE 8–11). The root cause is a memory allocation/handling flaw that can be exploited by a crafted webpage to achieve remote code execution or, per the threat landscape, memory corru...