Scripting Engine Memory Corruption Vulnerability in Microsoft Products
CVE-2016-0187

7.5HIGH

Key Information:

Vendor

Microsoft
Status
Jscript
Vbscript
Vendor
CVE Published:
11 May 2016

What is CVE-2016-0187?

The vulnerability allows remote attackers to execute arbitrary code or initiate a denial of service by exploiting memory corruption in the JScript and VBScript engines. When a user visits a specially crafted website, the susceptible versions of Internet Explorer can be compromised, leading to unauthorized code execution on the user's system. This attack vector highlights the risks of using outdated browsers and underscores the importance of applying security updates to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/90011
vdb-entryx_refsource_BID
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

22% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.