CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS11-031 | Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666) | JScript 5.7 | Critical | 13-04-2011 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported vulnerability in the JScript and VBScript scripting engines. The vulnerability could allow remote code execution if a user visited a specially crafted Web site.
Detailed Information on the risk:
A remote code execution vulnerability exists in the JScript and VBScript scripting engines due to a memory corruption error. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Further information on this exploit is available at : MS11-031
Affected Software
JScript 5.7 and VBScript 5.7JScript 5.8 and VBScript 5.8
JScript 5.6 and VBScript 5.6
JScript 5.7 and VBScript 5.7
JScript 5.8 and VBScript 5.8