KLA10739
Code execution vulnerability in Microsoft VBScript
Обновлено: 17/06/2019
Дата обнаружения
12/01/2016
Уровень угрозы
High
Описание

Improper memory objects handling was found in Microsoft VBScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content.


Technical details

To mitigate this vulnerability you can restrict access to VBScript.dll

Пораженные продукты

Microsoft VBScript versions 5.7 and 5.8

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2016-0002
Оказываемое влияние
?
ACE 
[?]

PE 
[?]
Связанные продукты
Microsoft VBScript engine
CVE-IDS
CVE-2016-00027.6Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3124266
3124263
3124275
3125540
3124624
3124625