CVE-2011-0663

CWE-189CWE-190Integer Overflow3 documents3 sources
Severity
8.8HIGH
EPSS
27.9%
top 3.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft JscriptMicrosoft Vbscript
Timeline
PublishedApr 13
Latest updateMay 13

Description

Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDmicrosoft/jscript5.6, 5.7, 5.8+2
NVDmicrosoft/vbscript5.6, 5.7, 5.8+2

🔴Vulnerability Details

2
GHSA
GHSA-c63x-h9v9-hmcr: Multiple integer overflows in the Microsoft (1) JScript 52022-05-13
CVEList
CVE-2011-0663: Multiple integer overflows in the Microsoft (1) JScript 52011-04-13
CVE-2011-0663 (HIGH CVSS 8.8) | Multiple integer overflows in the M | cvebase.io