CVSS: 9.3EPSS: 56%CPEs: 10EXPL: 3CVE-2015-2482 – Microsoft Windows JavaScript Regular Expression Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2482
13 Oct 2015 — The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka "Scripting Engine Memory Corruption Vulnerability." Los motores Microsoft (1) VBScript 5.7 y 5.8 y (2) JScript 5.7 y 5.8, tal como se utiliza en Internet Explorer 8 hasta la versión 11 y otros productos... • https://packetstorm.news/files/id/133958 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 22%CPEs: 36EXPL: 0CVE-2011-0663
https://notcve.org/view.php?id=CVE-2011-0663
13 Apr 2011 — Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability." Múltiples desbordamientos de enteros en los motores de secuencias de comandos (1) JScript v5.6 a la v5.8 y(2) VBScript v5.6 a la v5.8, permite a atacantes remotos ejecutar código de su elección a través de una página web manipulada. También conocida como "Scripting... • http://osvdb.org/71774 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •