[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Remote code execution vulnerability in Javascript and Vbscript scripting engines

ID: oval:org.secpod.oval:def:715Date: (C)2011-04-19   (M)2023-12-14
Class: VULNERABILITYFamily: windows




The host is installed with Javascript and Vbscript 5.6 or 5.7 or 5.8 scripting engines and is prone to remote code execution vulnerability. A flaw is present in the application which is caused when the scripting engines attempt to reallocate memory while decoding a script in order to run it, an integer overflow could occur. Successful exploitation allows remote attacker to take complete control of an affected system remotely

Platform:
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product:
Microsoft JScript
Microsoft VBScript
Reference:
CVE-2011-0663
CVE    1
CVE-2011-0663
CPE    40
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_server_2008:::x64
cpe:/o:microsoft:windows_server_2008:::x86
cpe:/o:microsoft:windows_7::sp1:x64
...

© SecPod Technologies