Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-18-294
HistoryApr 11, 2018 - 12:00 a.m.

Microsoft Windows JScript String Manipulation Integer Overflow Remote Code Execution Vulnerability

2018-04-1100:00:00
Anonymous
www.zerodayinitiative.com
19

EPSS

0.148

Percentile

95.8%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code that implements various built-in string manipulation functions in JScript. By performing actions in JScript, an attacker can trigger an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.

Related

mscve 1
symantec 1
checkpoint_advisories 1
prion 3
nvd 3
cve 3
cvelist 3
nessus 9
mskb 9
kaspersky 2
openvas 7
talosblog 1
trendmicroblog 1
mscve
mscve
Scripting Engine Memory Corruption Vulnerability
2018-04-10 07:00:00
symantec
symantec
Microsoft Internet Explorer Scripting Engine CVE-2018-0996 Remote Memory Corruption Vulnerability
2018-04-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-0996)
2018-04-10 00:00:00
prion
prion
Remote code execution
2018-04-12 01:29:00
Remote code execution
2018-04-12 01:29:00
Remote code execution
2018-04-12 01:29:00
nvd
nvd
CVE-2018-0988
2018-04-12 01:29:07
CVE-2018-0996
2018-04-12 01:29:08
CVE-2018-1001
2018-04-12 01:29:09
cve
cve
CVE-2018-1001
2018-04-12 01:29:09
CVE-2018-0988
2018-04-12 01:29:07
CVE-2018-0996
2018-04-12 01:29:08
cvelist
cvelist
CVE-2018-0988
2018-04-12 01:00:00
CVE-2018-1001
2018-04-12 01:00:00
CVE-2018-0996
2018-04-12 01:00:00
nessus
nessus
Security Updates for Internet Explorer (April 2018)
2018-04-10 00:00:00
KB4093122: Windows Server 2012 April 2018 Security Update
2018-04-10 00:00:00
KB4093108: Windows 7 and Windows Server 2008 R2 April 2018 Security Update
2018-04-10 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: April 10, 2018
2018-04-10 07:00:00
April 10, 2018—KB4093123 (Monthly Rollup)
2018-04-10 07:00:00
April 10, 2018—KB4093118 (Monthly Rollup)
2018-04-10 07:00:00
kaspersky
kaspersky
KLA11222 Multiple vulnerabilities in Microsoft Browsers
2018-04-10 00:00:00
KLA11896 Multiple vulnerabilities in Microsoft Products (ESU)
2018-04-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4093118)
2018-04-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4093114)
2018-04-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4093111)
2018-04-11 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - April 2018
2018-04-10 13:13:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 9, 2018
2018-04-13 15:37:14

EPSS

0.148

Percentile

95.8%

JSON
Related for ZDI-18-294
mscve1symantec1checkpoint_advisories1prion3nvd3cve3cvelist3nessus9mskb9kaspersky2openvas7talosblog1trendmicroblog1