[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Remote code execution vulnerability in Javascript and Vbscript scripting engines - MS12-056

ID: oval:org.secpod.oval:def:6707Date: (C)2012-08-16   (M)2022-03-15
Class: PATCHFamily: windows




The host is missing a critical security update according to Microsoft security bulletin, MS12-056. The update is required to fix remote code execution vulnerability in Javascript and Vbscript scripting engines. A flaw is present in the application which is caused when the scripting engines attempt to reallocate memory while decoding a script in order to run it, an integer overflow could occur. Successful exploitation allows remote attacker to take complete control of an affected system remotely

Platform:
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product:
Microsoft JScript
Microsoft VBScript
Reference:
MS12-056
CVE-2012-2523
CVE    1
CVE-2012-2523
CPE    12
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_vista::sp2:x64
cpe:/o:microsoft:windows_7:::x64
...
XCCDF    8
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-7
xccdf_com.secpod_benchmark_microsoft-windows-server-2008-r2
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2008-r2
...

© SecPod Technologies