[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

VBScript and JScript Remote Code Execution Vulnerability - MS08-022

ID: oval:org.secpod.oval:def:2664Date: (C)2011-11-03   (M)2017-10-04
Class: PATCHFamily: windows




The host is missing a critical security update according to Microsoft bulletin, MS08-022. The update is required to fix a remote code execution vulnerability. A flaw is present in (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, which fail to decode the script. Successful exploitation could allow remote attackers to execute arbitrary code via unknown vectors.

Platform:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product:
Microsoft JScript
Reference:
MS08-022
CVE-2008-0083
CVE    1
CVE-2008-0083
CPE    12
cpe:/o:microsoft:windows_xp::sp1:64bit
cpe:/o:microsoft:windows_xp::sp2:x86
cpe:/o:microsoft:windows_2003_server::sp2:itanium
cpe:/o:microsoft:windows_xp::sp2:x64
...
XCCDF    4
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_com.secpod_benchmark_microsoft-windows-xp
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© 2013 SecPod Technologies