CVE-2011-0031Sensitive Information Exposure in Microsoft Windows Server 2008

CWE-200Sensitive Information Exposure6 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
34.7%
top 2.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Windows Server 2008
Timeline
PublishedFeb 9
Latest updateMay 3

Description

The (1) JScript 5.8 and (2) VBScript 5.8 scripting engines in Microsoft Windows Server 2008 R2 and Windows 7 do not properly load decoded scripts obtained from web pages, which allows remote attackers to trigger memory corruption and consequently obtain sensitive information via a crafted web site, aka "Scripting Engines Information Disclosure Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-xg95-3326-8h9q: The (1) JScript 52022-05-03

💥Exploits & PoCs

1
Exploit-DB
Apache 2.2 - Scoreboard Invalid Free On Shutdown2012-01-11

🕵️Threat Intelligence

1
Zscaler
Zscaler found Multiple Security Vulnerabilities | 02-08-2011

💬Community

1
Bugzilla
CVE-2012-0031 httpd: possible crash on shutdown due to flaw in scoreboard handling2012-01-12