CVE-2014-0271

CWE-119Buffer Overflow3 documents3 sources
Severity
9.3CRITICAL
EPSS
43.2%
top 2.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Internet ExplorerMicrosoft Vbscript
Timeline
PublishedFeb 12
Latest updateMay 14

Description

The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDmicrosoft/vbscript5.6, 5.7, 5.8+2
NVDmicrosoft/internet_explorer6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-7579-729j-m9g7: The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 52022-05-14
CVEList
CVE-2014-0271: The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 52014-02-12
CVE-2014-0271 (CRITICAL CVSS 9.3) | The VBScript engine in Microsoft In | cvebase.io