Microsoft VBScript Reg­Exp­Comp::Pnode­Parse Out-of-Bounds Read Vulnerability


Description   (#An out-of-bounds read vulnerability has been identified in VBScript.#A remote attacker could exploit it by enticing their victim into visiting a specially crafted webpage in order to disclose contents of memory.##The vulnerability located in the function "Reg­Exp­Comp::Pnode­Parse()", stems from an improper regular expression analyze when the end of string character ("\0") is preceded by a backslash ("\"), he will be not interpreted like an end of string, allowing thereby access to unauthorized adjacent information.##The following products are affected:#- Internet Explorer : versions 8, 9, 10 and 11#- IIS : if Active Server Pages option which allow VBScript execution is enable#- Windows : Windows Script Host software provided by Windows is vulnerable.##A proof of concept is available.)
     
Vulnerable Products   Vulnerable Software:
IIS (Microsoft) - Internet Explorer (Microsoft) - 10, 11, 8.0, 9.0Scripting Host (Microsoft) - 5.1, 5.5
     
Solution   - disable VBScript on the browser.
     
CVE  
     
References   - SkyLined : MSIE VBScript RegExpComp::PnodeParse out-of-bounds read
http://blog.skylined.nl/20161108001.html
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
Web 2.0 : Detection of visual basic script embedded in web page
5.0.0
     


 
 
 
 
 Risk level 
Moderate 

 Vulnerability First Public Report Date 
2016-11-10 

 Target Type 
Client 

 Possible exploit 
Remote