CVE-2011-0663

8.8 HIGH

Published: April 13, 2011 Modified: April 29, 2026

Description

Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/71774

Source: secure@microsoft.com

http://secunia.com/advisories/44162

Source: secure@microsoft.com

http://www.securityfocus.com/bid/47249

Source: secure@microsoft.com

http://www.securitytracker.com/id?1025333

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA11-102A.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2011/0949

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-031

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12673

Source: secure@microsoft.com

http://osvdb.org/71774