CVSS: 7.6EPSS: 14%CPEs: 16EXPL: 0CVE-2018-1001 – Microsoft Windows JScript String Manipulation Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-1001
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0988, CVE-2018-0996. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting gestiona los objetos en la memoria en Internet Explorer. Esto también se conoce como "Scripting Engine Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/103609 http://www.securitytracker.com/id/1040653 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1001 • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2018-1000 – Microsoft Windows VBScript Filter Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-1000
An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0987, CVE-2018-0989. Existe una vulnerabilidad de divulgación de información debido a la forma en la que el motor de scripting gestiona los objetos en la memoria en Internet Explorer. Esto también se conoce como "Scripting Engine Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/103603 http://www.securitytracker.com/id/1040653 https://lists.apache.org/thread.html/6c9991dbcb7358e18a46cd113fa0fd7586eaf312b1c7f7d4cdb16fa1%40%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/83315d9b28d9010eeeec360f3295105354b8ff30d94e75b5c67c13ac%40%3Csolr-user.lucene.apache.org%3E https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1000 • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2018-0981 – Microsoft Windows VBScript Join Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-0981
An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0987, CVE-2018-0989, CVE-2018-1000. Existe una vulnerabilidad de divulgación de información debido a la forma en la que el motor de scripting gestiona los objetos en la memoria en Internet Explorer. Esto también se conoce como "Scripting Engine Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/103621 http://www.securitytracker.com/id/1040653 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0981 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 12%CPEs: 14EXPL: 0CVE-2018-1004 – Microsoft Windows SAFEARRAY Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-1004
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10. Existe una vulnerabilidad de ejecución remota de código debido a la forma en la que el motor VBScript gestiona los objetos en la memoria. Esto también se conoce como "Windows VBScript Engine Remote Code Execution Vulnerability". Esto afecta a Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2 y Windows 10. • http://www.securityfocus.com/bid/103657 http://www.securitytracker.com/id/1040655 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1004 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 94%CPEs: 22EXPL: 1CVE-2018-0986 – Microsoft Windows Defender - 'mpengine.dll' Memory Corruption
https://notcve.org/view.php?id=CVE-2018-0986
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection. Existe una vulnerabilidad de ejecución remota de código cuando Microsoft Malware Protection Engine no escanea correctamente un archivo especialmente manipulado. Esto desemboca en una corrupción de memoria, también conocida como "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". Esto afecta a Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center y Microsoft Forefront Endpoint Protection. • https://www.exploit-db.com/exploits/44402 http://www.securityfocus.com/bid/103593 http://www.securitytracker.com/id/1040631 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986 • CWE-787: Out-of-bounds Write •