[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110204

 
 

909

 
 

85984

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

VBScript and JScript Remote Code Execution Vulnerability - MS08-022

ID: oval:org.secpod.oval:def:2664Date: (C)2011-11-03   (M)2018-05-28
Class: PATCHFamily: windows




The host is missing a critical security update according to Microsoft bulletin, MS08-022. The update is required to fix a remote code execution vulnerability. A flaw is present in (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, which fail to decode the script. Successful exploitation could allow remote attackers to execute arbitrary code via unknown vectors.

Platform:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product:
Microsoft JScript
Reference:
MS08-022
CVE-2008-0083
CVE    1
CVE-2008-0083
CPE    12
cpe:/o:microsoft:windows_2003_server::sp2
cpe:/o:microsoft:windows_2003_server::sp2:itanium
cpe:/o:microsoft:windows_xp:::x64
cpe:/o:microsoft:windows_xp::sp1:64bit
...
XCCDF    4
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_com.secpod_benchmark_microsoft-windows-xp
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© SecPod Technologies