This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2011-04-13
Product Jscript Last view 2016-01-13
Version 5.7 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:jscript

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2016-01-13 CVE-2016-0002

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

9.3 2015-12-09 CVE-2015-6136

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

5 2015-12-09 CVE-2015-6135

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."

4.3 2015-10-13 CVE-2015-6059

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."

9.3 2015-10-13 CVE-2015-6055

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Filter arguments, aka "Scripting Engine Memory Corruption Vulnerability."

4.3 2015-10-13 CVE-2015-6052

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."

9.3 2015-10-13 CVE-2015-2482

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka "Scripting Engine Memory Corruption Vulnerability."

9.3 2011-04-13 CVE-2011-0663

Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."

CWE : Common Weakness Enumeration

%idName
50% (4) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
37% (3) CWE-200 Information Exposure
12% (1) CWE-189 Numeric Errors

Open Source Vulnerability Database (OSVDB)

id Description
71774 Microsoft Windows JScript / VBScript Engine Scripting Memory Reallocation Ove...

OpenVAS Exploits

id Description
2011-04-13 Name : Microsoft JScript and VBScript Scripting Engines Remote Code Execution Vulner...
File : nvt/secpod_ms11-031.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2011-A-0048 Microsoft Windows Scripting Memory Reallocation Vulnerability
Severity: Category II - VMSKEY: V0026526

Snort® IPS/IDS

Date Description
2017-07-04 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 43072 - Type : BROWSER-IE - Revision : 1
2017-07-04 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 43071 - Type : BROWSER-IE - Revision : 1
2017-07-04 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 43070 - Type : BROWSER-IE - Revision : 1
2017-07-04 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 43069 - Type : BROWSER-IE - Revision : 1
2016-04-26 Microsoft Internet Explorer VBScript engine use after free attempt
RuleID : 38309 - Type : BROWSER-IE - Revision : 2
2016-04-26 Microsoft Internet Explorer VBScript engine use after free attempt
RuleID : 38308 - Type : BROWSER-IE - Revision : 2
2016-03-14 Microsoft Internet Explorer VBScript engine use after free attempt
RuleID : 37284 - Type : BROWSER-IE - Revision : 3
2016-03-14 Microsoft Internet Explorer VBScript engine use after free attempt
RuleID : 37283 - Type : BROWSER-IE - Revision : 4
2016-03-14 Microsoft Internet Explorer VBScript engine use after free attempt
RuleID : 36923 - Type : BROWSER-IE - Revision : 7
2016-03-14 Microsoft Internet Explorer VBScript engine use after free attempt
RuleID : 36922 - Type : BROWSER-IE - Revision : 7
2016-03-14 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 36459 - Type : BROWSER-IE - Revision : 3
2016-03-14 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 36458 - Type : BROWSER-IE - Revision : 3
2016-03-14 Microsoft Internet Explorer RegExp object use after free attempt
RuleID : 36451 - Type : BROWSER-IE - Revision : 5
2016-03-14 Microsoft Internet Explorer RegExp object use after free attempt
RuleID : 36450 - Type : BROWSER-IE - Revision : 5
2016-03-14 Visual Basic scripting engine Filter argument mishandling attempt
RuleID : 36442 - Type : FILE-OTHER - Revision : 2
2016-03-14 Visual Basic scripting engine Filter argument mishandling attempt
RuleID : 36441 - Type : FILE-OTHER - Revision : 2
2016-03-14 Remote non-VBScript file found in Visual Basic script tag src attribute
RuleID : 36422 - Type : POLICY-OTHER - Revision : 2
2016-03-14 Remote non-VBScript file found in Visual Basic script tag src attribute
RuleID : 36421 - Type : POLICY-OTHER - Revision : 2
2016-03-14 Remote non-VBScript file found in Visual Basic script tag src attribute
RuleID : 36420 - Type : POLICY-OTHER - Revision : 2
2016-03-14 Remote non-VBScript file found in Visual Basic script tag src attribute
RuleID : 36419 - Type : POLICY-OTHER - Revision : 2
2015-06-17 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 34394 - Type : BROWSER-IE - Revision : 4
2015-06-17 Microsoft Internet Explorer vbscript regular expression information disclosur...
RuleID : 34393 - Type : BROWSER-IE - Revision : 4

Nessus® Vulnerability Scanner

id Description
2016-01-12 Name: The remote host has a web browser installed that is affected by multiple vuln...
File: smb_nt_ms16-001.nasl - Type: ACT_GATHER_INFO
2016-01-12 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms16-003.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: The remote host has a web browser installed that is affected by multiple vuln...
File: smb_nt_ms15-124.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-126.nasl - Type: ACT_GATHER_INFO
2015-10-13 Name: The remote host is affected by multiple vulnerabilities.
File: smb_nt_ms15-106.nasl - Type: ACT_GATHER_INFO
2015-10-13 Name: The remote host is affected by multiple vulnerabilities.
File: smb_nt_ms15-108.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through the installed JScri...
File: smb_nt_ms11-031.nasl - Type: ACT_GATHER_INFO