MS11-009 - Information disclosure vulnerability in scripting enginesID: oval:org.secpod.oval:def:88 | Date: (C)2011-02-09 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with scripting engines and is prone to information disclosure vulnerability. A flaw is present in JScript 5.8 and VBScript 5.8 scripting engines, which fails to properly load decoded scripts obtained from web pages. Successful exploitation could allow remote attackers to redirect a user to the attacker's web site.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Product: |
Microsoft VBScript 5.8 |
Microsoft JScript 5.8 |