SecurityHome.eu MS15-053 - Important: Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263)

Home / bulletins

MS15-053 - Important: Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263) - Version: 1.0
Posted on 13 May 2015
There is an newer version: MS15-053 - Version: 1.1
Important
Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows. An attacker could use an ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, that could take advantage of the ASLR bypass to run arbitrary code. For example, a remote code execution vulnerability that is blocked by ASLR could be exploited after a successful ASLR bypass.
Link
Other versions
MS15-053 - Version: 1.0
MS15-053 - Version: 1.1

TOP

Bulletins :

4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 2.0 -
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0 -
4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 1.0 -
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - 1.1
MS16-JUL Security Bulletin Summary for July 2016 - 2.0

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20