CVE-2011-0663

CVSS 8.8 HIGHEPSS 26.2%CWE-190

Vexday Risk Score

26Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.8EPSS 26.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

13 Apr 2011Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/71774 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-031 http://secunia.com/advisories/44162 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12673 http://www.securityfocus.com/bid/47249 http://www.securitytracker.com/id?1025333 http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://www.vupen.com/english/advisories/2011/0949