Scripting Engine Obtain Sensitive Information Vulnerability
8 Dec. 2015
Summary
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
Vulnerable Systems:
* Internet Explorer 8 through 11
Microsoft VBScript and JScript are prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.