Computer Security
[EN] no-pyccku

Microsoft Windows JavaScript engine memory corruption
SecurityVulns ID:10212
Threat Level:
Description:Memory corruption on "arguments" keyword parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-1920 (The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS09-045 - Critical Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961) (09.09.2009)
 documentZDI, ZDI-09-062: Microsoft Internet Explorer JScript arguments Invocation Memory Corruption Vulnerability (09.09.2009)
Files:Microsoft Security Bulletin MS09-045 - Critical: Vulnerability in JScript Scripting Engines could allow remote code execution

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod