exploitDog

GHSA-6x8r-frrv-mcw4

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors.

The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors.

Ссылки

EPSS

Процентиль: 98%

0.59309

Средний

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2008-0083

nvd

почти 18 лет назад

The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors.

EPSS

Процентиль: 98%

0.59309

Средний

CVE ID

Дефекты

CWE-94