Lucene search
K

12 matches found

CVE
CVE
added 2015/07/14 9:0 p.m.94 views

CVE-2015-2372

CVE-2015-2372 concerns vbscript.dll in Microsoft VBScript 5.6–5.8 used with Internet Explorer (IE 6–11) and related products. The vulnerability enables remote code execution or memory corruption via a crafted web site, due to memory corruption in VBScript as described in MS15-066. Connected sourc...

9.3CVSS7.6AI score0.20243EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.83 views

CVE-2015-6136

The CVE-2015-6136 entry describes a memory corruption vulnerability in Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products, enabling remote code execution via a crafted webpage. Affected components: VBScript and JScript engines embedded in IE. ...

9.3CVSS7.3AI score0.25169EPSS
CVE
CVE
added 2015/10/14 1:0 a.m.81 views

CVE-2015-2482

CVE-2015-2482 affects Microsoft VBScript/JScript engines (VBScript 5.7/5.8 and JScript 5.7/5.8) used in Internet Explorer 8–11 and related products. A crafted replace operation on a JavaScript RegExp can trigger memory corruption, enabling remote code execution or a denial of service. Connected s...

9.3CVSS8AI score0.32285EPSS
CVE
CVE
added 2015/10/14 1:0 a.m.81 views

CVE-2015-6059

The CVE-2015-6059 entry corresponds to an information-disclosure vulnerability in Microsoft’s VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could obtain sensitive information from process memory via a crafted web site (Scripting ...

4.3CVSS7.2AI score0.16331EPSS
CVE
CVE
added 2015/05/13 10:0 a.m.74 views

CVE-2015-1686

CVE-2015-1686 documents an ASLR bypass in Microsoft Internet Explorer's scripting engines: VBScript 5.6–5.8 and JScript 5.6–5.8 used in IE8–IE11 (and related products). The root cause is ASLR bypass capability within these engines when rendering a crafted web page, enabling potential arbitrary co...

4.3CVSS6.3AI score0.16265EPSS
CVE
CVE
added 2015/03/11 10:0 a.m.73 views

CVE-2015-0032

CVE-2015-0032 affects the Microsoft VBScript engine (versions 5.6–5.8) used with Internet Explorer 8–11. The memory-corruption vulnerability allows remote code execution or a DoS when a user visits a crafted website, due to how VBScript handles objects in memory. Affected products include Windows...

9.3CVSS7.6AI score0.22318EPSS
CVE
CVE
added 2015/10/14 1:0 a.m.69 views

CVE-2015-6055

The CVE-2015-6055 issue affects the Microsoft scripting engines used by Internet Explorer (VBScript 5.7/5.8 and JScript 5.7/5.8) and is caused by memory corruption when processing crafted Filter arguments. This can allow remote code execution or memory corruption leading to a DoS; affected produc...

9.3CVSS8.1AI score0.25081EPSS
CVE
CVE
added 2015/10/14 1:0 a.m.69 views

CVE-2015-6056

CVE-2015-6056 is an Internet Explorer scripting engine memory corruption vulnerability affecting IE9–IE11. The issue arises in the JScript/VBScript engines when processing a crafted web page, allowing remote code execution or memory corruption leading to a denial of service. Public exploit activi...

9.3CVSS8.1AI score0.12681EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.69 views

CVE-2015-6135

CVE-2015-6135 concerns Microsoft VBScript 5.7/5.8 and JScript 5.7/5.8 engines used in Internet Explorer 8–11. The vulnerability allows a remote attacker to read sensitive data from process memory via a crafted web page, i.e., an information‑disclosure flaw. Affected component is the VBScript/JScr...

5CVSS5.6AI score0.23922EPSS
CVE
CVE
added 2015/05/13 10:0 a.m.68 views

CVE-2015-1684

CVE-2015-1684 affects the VBScript engine (VBScript.dll) in Microsoft VBScript 5.6–5.8 used by Internet Explorer 8–11. The issue is an ASLR bypass caused by memory handling during regex processing, enabling remote-style ASLR bypass via a crafted web page. Connected advisories confirm ASLR bypass ...

4.3CVSS6.3AI score0.16265EPSS
CVE
CVE
added 2015/10/14 1:0 a.m.65 views

CVE-2015-6052

CVE-2015-6052 covers a security feature bypass in the VBScript 5.7/5.8 and JScript 5.7/5.8 engines used by Internet Explorer 8–11 and other products. A remote attacker could bypass ASLR via a crafted website. The issue is described as a VBScript/JScript ASLR bypass affecting IE components; relate...

4.3CVSS7.6AI score0.14898EPSS
CVE
CVE
added 2015/11/11 11:0 a.m.62 views

CVE-2015-6089

CVE-2015-6089 describes a memory corruption vulnerability in Microsoft Internet Explorer’s VBScript/JScript engines (IE 8–11). The root cause is a memory allocation/handling flaw that can be exploited by a crafted webpage to achieve remote code execution or, per the threat landscape, memory corru...

9.3CVSS7.7AI score0.13269EPSS