MS Internet Explorer 'VBScript' Remote Code Execution Vulnerability Network Vulnerability

Summary

The host is installed with Internet Explorer and VBScript and is prone to Remote Code Execution vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code via specially crafted attack. Impact Level: System

Solution

Apply the latest updates. For more information refer, http://technet.microsoft.com/en-us/security/advisory/981169

Insight

The flaw exists in the way that 'VBScript' interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, it allows arbitrary code to be executed in the security context of the currently logged-on user.

Affected

Microsoft Internet Explorer version 6.x, 7.x, 8.x

Severity

Classification

CVE CVE-2010-0483
CVSS Base Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Windows Messenger is installed
Microsoft Windows XP SP3 denial of service vulnerability
Mozilla/Firefox user interface spoofing
Symantec Anti Virus Corporate Edition Check
Stuxnet Detection

Take action and discover your vulnerabilities