|
Description
|
|
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error within the VBScript engine, which can be exploited to corrupt memory.
Successful exploitation allows execution of arbitrary code.
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable OS:
Microsoft Windows Server 2003 Datacenter EditionMicrosoft Windows Server 2003 Enterprise EditionMicrosoft Windows Server 2003 Standard EditionMicrosoft Windows Server 2003 Web EditionMicrosoft Windows Server 2008Microsoft Windows Storage Server 2003Microsoft Windows VistaVulnerable Software:
|
|
|
|
|
|
Solution
|
|
Apply update.-- VBScript 5.6 --Windows Server 2003 Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=68d8d6ba-98fd-464d-a3e0-d31f4f00deeeWindows Server 2003 x64 Edition Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=96d06eb8-ae62-4696-974c-19841a0d8668Windows Server 2003 with SP2 for Itanium-based Systems:https://www.microsoft.com/downloads/details.aspx?FamilyID=0cd4d01b-2fb8-4039-bbd9-1659d27dca7c-- VBScript 5.7 --Windows Server 2003 Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=7264c2cd-a7a4-4724-bedb-07e87f2f962bWindows Server 2003 x64 Edition Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=2f28cc3a-3257-41d7-ada5-2ae2e85390f9Windows Server 2003 with SP2 for Itanium-based Systems:https://www.microsoft.com/downloads/details.aspx?FamilyID=312f2491-5271-4fab-945b-784eb3564fccWindows Vista Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=c09cd07b-79ec-48bf-aecd-456029ccebd2Windows Vista x64 Edition Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=43c8781f-6379-4363-bcfc-858ba0c1453cWindows Server 2008 for 32-bit Systems Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=d151eeaa-c40a-4d2d-a02a-901034baa76aWindows Server 2008 for x64-based Systems Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=c9dbffb5-a703-4db1-89ac-7a87ee76d6b4Windows Server 2008 for Itanium-based Systems Service Pack 2:https://www.microsoft.com/downloads/details.aspx?FamilyID=4d268e05-3660-462d-ace0-012e44d89299Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Coreinstallation):https://www.microsoft.com/downloads/details.aspx?FamilyID=d151eeaa-c40a-4d2d-a02a-901034baa76aWindows Server 2008 for x64-based Systems Service Pack 2 (Server Coreinstallation):https://www.microsoft.com/downloads/details.aspx?FamilyID=c9dbffb5-a703-4db1-89ac-7a87ee76d6b4-- VBScript 5.8 --Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Coreinstallation):https://www.microsoft.com/downloads/details.aspx?FamilyID=43526aa3-da6f-4de0-96c3-77c387f8b77a
|
|
|
|
|
|
CVE
|
|
CVE-2015-0032
|
|
|
|
|
|
References
|
|
MS15-019 (KB3040297
KB3030403
KB3030398
KB3030630):
https://technet.microsoft.com/library/security/MS15-019
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
