CVSS: 9.3EPSS: 56%CPEs: 10EXPL: 3CVE-2015-2482 – Microsoft Windows JavaScript Regular Expression Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2482
13 Oct 2015 — The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka "Scripting Engine Memory Corruption Vulnerability." Los motores Microsoft (1) VBScript 5.7 y 5.8 y (2) JScript 5.7 y 5.8, tal como se utiliza en Internet Explorer 8 hasta la versión 11 y otros productos... • https://packetstorm.news/files/id/133958 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 23%CPEs: 9EXPL: 0CVE-2015-2372
https://notcve.org/view.php?id=CVE-2015-2372
14 Jul 2015 — vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." vbscript.dll en Microsoft VBScript versión 5.6 a la 5.8, tal como se utiliza con Internet Explorer versión 6 a la 11 y otros productos, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servici... • http://www.securitytracker.com/id/1032894 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 12%CPEs: 7EXPL: 0CVE-2015-1686
https://notcve.org/view.php?id=CVE-2015-1686
13 May 2015 — The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass." Los motores Microsoft (1) VBScript 5.6 hasta 5.8 y (2) JScript 5.6 hasta 5.8, utilizados en Internet Explorer 8 hasta 11 y otros productos, permiten a atacantes remotos evadir el mecanismo de protección ASLR a través de un sitio web manipu... • http://www.securityfocus.com/bid/74530 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 12%CPEs: 7EXPL: 0CVE-2015-1684 – Microsoft Windows VBScript Regular Expression Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-1684
12 May 2015 — VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used in Internet Explorer 8 through 11 and other products, allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript ASLR Bypass." VBScript.dll en el motor Microsoft VBScript 5.6 hasta 5.8, utilizado en Internet Explorer 8 hasta 11 y otros productos, permite a atacantes remotos evadir el mecanismo de protección ASLR a través de un sitio web manipulado, también conocido como 'evasión de ASLR de VBScr... • http://www.securityfocus.com/bid/74522 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 16%CPEs: 7EXPL: 0CVE-2015-0032
https://notcve.org/view.php?id=CVE-2015-0032
11 Mar 2015 — vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 8 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." vbscript.dll en Microsoft VBScript 5.6 hasta 5.8, utilizado con Internet Explorer 8 hasta 11 y otros productos, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria... • http://www.securityfocus.com/bid/72910 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 32%CPEs: 9EXPL: 2CVE-2014-6363 – Microsoft Internet Explorer 8/9/10/11 / IIS / CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084)
https://notcve.org/view.php?id=CVE-2014-6363
11 Dec 2014 — vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." vbscript.dll en Microsoft VBScript 5.6 hasta 5.8, utilizado con Internet Explorer 6 hasta 11 y otros productos, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria... • https://packetstorm.news/files/id/139598 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 45%CPEs: 9EXPL: 0CVE-2014-0271
https://notcve.org/view.php?id=CVE-2014-0271
12 Feb 2014 — The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." El motor VBScript en Microsoft Internet Explorer 6 hasta 11 y VBScript 5.6 hasta 5.8, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también ... • http://osvdb.org/103166 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 22%CPEs: 36EXPL: 0CVE-2011-0663
https://notcve.org/view.php?id=CVE-2011-0663
13 Apr 2011 — Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability." Múltiples desbordamientos de enteros en los motores de secuencias de comandos (1) JScript v5.6 a la v5.8 y(2) VBScript v5.6 a la v5.8, permite a atacantes remotos ejecutar código de su elección a través de una página web manipulada. También conocida como "Scripting... • http://osvdb.org/71774 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •