关联漏洞
标题:
Microsoft Internet Explorer 缓冲区错误漏洞
(CVE-2018-8389)
描述:Microsoft Windows Server 2012等都是美国微软(Microsoft)公司发布的一系列操作系统。Internet Explorer(IE)是其中的一款Windows操作系统附带的Web浏览器。 Microsoft IE 9、10和11中脚本引擎处理内存对象的方式存在远程代码执行漏洞。远程攻击者可利用该漏洞在当前用户的上下文中执行任意代码,损坏内存。以下系统版本受到影响:Microsoft Windows Server 2012(Internet Explorer 10);Windo
介绍
# jscript.dll - ActiveXObject BSTR - Use After Free
# Vulnerability
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
# Vulnerability Description
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
# CVE ID
CVE-2018-8389
# Vendor
www.microsoft.com
# Product
jscript.dll
# Disclosure Timeline
1. 09 January 2018 - Reported to vendor
2. 14 August 2018 - Coordinated public release of advisory
# Credits
Sudhakar Verma and Ashfaq Ansari - Project Srishti
# Vendor Advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8389
文件快照
[4.0K] /data/pocs/abe87a9434a7a534a9c4c7568045a8f4b8b7b4c0
└── [1.2K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。