New Search

JScript Remote Code Execution Vulnerability

oval:org.mitre.oval:def:6316

The JScript scripting engine 5.1 5.6 5.7 and 5.8 in JScript.dll in Microsoft Windows as used in Internet Explorer does not properly load decoded scripts into memory before execution which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption aka "JScript Remote Code Execution Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2009-1920
Product(s):
  • JScript Scripting Engine