Information disclosure vulnerability in scripting engines - MS11-009ID: oval:org.secpod.oval:def:1034 | Date: (C)2011-05-23 (M)2022-03-15 |
Class: PATCH | Family: windows |
The host is missing an Important security update according to Microsoft security bulletin, MS11-009. The update is required to fix information disclosure vulnerability in JScript and VBScript scripting engines. A flaw is present in the JScript and VBScript scripting engines, which fails to properly load decoded scripts obtained from web pages. Successful exploitation could allow remote attackers to redirect a user to the attacker's web site.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Product: |
Microsoft VBScript 5.8 |
Microsoft JScript 5.8 |