[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

VBScript and JScript Remote Code Execution Vulnerability - MS08-022

ID: oval:org.secpod.oval:def:2664Date: (C)2011-11-03   (M)2022-10-10
Class: PATCHFamily: windows




The host is missing a critical security update according to Microsoft bulletin, MS08-022. The update is required to fix a remote code execution vulnerability. A flaw is present in (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, which fail to decode the script. Successful exploitation could allow remote attackers to execute arbitrary code via unknown vectors.

Platform:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product:
Microsoft JScript
Reference:
MS08-022
CVE-2008-0083
CVE    1
CVE-2008-0083
CPE    12
cpe:/o:microsoft:windows_2000::sp4
cpe:/o:microsoft:windows_xp::sp1:64bit
cpe:/o:microsoft:windows_xp
cpe:/o:microsoft:windows_2003_server::sp1:itanium
...
XCCDF    4
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-xp
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© SecPod Technologies