ASLR bypass vulnerability in VBScript and JScript Scripting Engines - CVE-2015-6052| ID: oval:org.secpod.oval:def:30015 | Date: (C)2015-10-15 (M)2024-03-06 |
| Class: VULNERABILITY | Family: windows |
The host is installed with JScript and Vbscript 5.7 or 5.8 scripting engines and is prone to an ASLR bypass vulnerability. A flaw is present in the applications, which fail to use the Address Space Layout Randomization (ASLR) security feature. Successful exploitation could allow attacker to more reliably predict the memory offsets of specific instructions in a given call stack.
| Platform: |
| Microsoft Windows Vista |
| Microsoft Windows Server 2008 |
| Microsoft Windows 7 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows 8 |
| Microsoft Windows Server 2012 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows 10 |
| Product: |
| Microsoft JScript 5.7 |
| Microsoft JScript 5.8 |
| Microsoft VBScript 5.7 |
| Microsoft VBScript 5.8 |
