<< Back
CVE Number Vulnerability Product Severity Date
MS11-031 Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2514666) JScript 5.7 Critical 13-04-2011

Technical Information

Brief overview of the risk:
This security update resolves a privately reported vulnerability in the JScript and VBScript scripting engines. The vulnerability could allow remote code execution if a user visited a specially crafted Web site.
Detailed Information on the risk:

A remote code execution vulnerability exists in the JScript and VBScript scripting engines due to a memory corruption error. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


Further information on this exploit is available at : MS11-031

Affected Software

JScript 5.7 and VBScript 5.7
JScript 5.8 and VBScript 5.8
JScript 5.6 and VBScript 5.6
JScript 5.7 and VBScript 5.7
JScript 5.8 and VBScript 5.8