Microsoft Windows JavaScript Integer Overflow Remote Code Execution Vulnerability

Last Update Date: 15 Aug 2012 16:59 Release Date: 15 Aug 2012 4783 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

A remote code execution vulnerability exists in the way that the JScript and VBScript engines calculate the size of an object in memory during a copy operation. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Impact

  • Remote Code Execution

System / Technologies affected

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2
  • JScript 5.8 and VBScript 5.8

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Networking Components Multiple Vulnerabilities

15 Aug 2012 4788 Views

Next

Microsoft Exchange Server Multiple Vulnerabilities

15 Aug 2012 4611 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY