Multiple vulnerabilities in the JScript and VBScript

Description

Multiple serious vulnerabilities have been found in Microsoft JScript and VBScript. Malicious users can exploit these vulnerabilities to execute arbitrary code.

---

Technical details

Improper objects handling in memory in Internet Explorer can be exploited remotely via a specially designed web content.

Original advisories

• CVE-2016-0189

• CVE-2016-0187

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-VBScript-engine

CVE list

• CVE-2016-0189
  critical
• CVE-2016-0187
  critical

KB list

• 3155413
• 3158991

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com