Описание
Windows Scripting Engine Memory Corruption Vulnerability
An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data.
To exploit the vulnerability, an attacker must know the memory address of where the object was created.
The update addresses the vulnerability by changing the way certain functions handle objects in memory.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1511 for 32-bit Systems | ||
| Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1511 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
Уязвимость браузера Microsoft Edge, позволяющая нарушителю получить конфиденциальную информацию из памяти процесса
EPSS