Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft vbscript - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-3886
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote malicious users to obtain sensitive information ...
Microsoft Internet Explorer 8
1 EDB exploit
9.3
CVSSv2
CVE-2014-6332
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote malicious users to execute arbitrary code via a craft...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Rt -
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Vista -
Microsoft Windows 8 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2003 -
9 EDB exploits
10 Github repositories
9 Articles
9.3
CVSSv2
CVE-2017-0199
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote malicious users to execute arbitrary code via a crafted document, aka "Micros...
Microsoft Office 2007
Microsoft Windows 7
Microsoft Office 2013
Microsoft Office 2010
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Office 2016
Microsoft Windows Server 2008
Microsoft Windows Server 2012 -
3 EDB exploits
46 Github repositories
26 Articles
4.3
CVSSv2
CVE-2007-3576
Microsoft Internet Explorer 6 executes web script from URIs of arbitrary scheme names ending with the "script" character sequence, using the (1) vbscript: handler for scheme names with 7 through 9 characters, and the (2) javascript: handler for scheme names with 10 or m...
Microsoft Internet Explorer 6
7.6
CVSSv2
CVE-2020-0674
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-071...
Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
6 Github repositories
8 Articles
7.5
CVSSv2
CVE-2002-1262
Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote malicious users to read arbitrary files.
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
7.5
CVSSv2
CVE-2003-0816
Internet Explorer 6 SP1 and previous versions allows remote malicious users to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containin...
Microsoft Ie 6.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 6.0
2 EDB exploits
10
CVSSv2
CVE-2001-0538
Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and previous versions allows remote malicious users to execute arbitrary commands via a malicious HTML e-mail message or web page.
Microsoft Outlook
2 EDB exploits
7.6
CVSSv2
CVE-2006-5745
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote malicious users to execute arbitrary code via crafted arguments that lead to mem...
Microsoft Xml Core Services 4.0
4 EDB exploits
7.5
CVSSv2
CVE-2004-0727
Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the sam...
Microsoft Internet Explorer 6.0.2800.1106
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9