Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows. An attacker could use an ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, that could take advantage of the ASLR bypass to run arbitrary code. For example, a remote code execution vulnerability that is blocked by ASLR could be exploited after a successful ASLR bypass.
Continue reading...
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows. An attacker could use an ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, that could take advantage of the ASLR bypass to run arbitrary code. For example, a remote code execution vulnerability that is blocked by ASLR could be exploited after a successful ASLR bypass.
Continue reading...
