Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-255: Vulnerability in VBScript and JScript Scripting Engines

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-255: Vulnerability in VBScript and JScript Scripting Engines
# 1  
Old 04-09-2008
S-255: Vulnerability in VBScript and JScript Scripting Engines
A remote code execution vulnerability exists in the way that the VBScript and JScript scripting engines decode script in Web pages. This vulnerability could allow remote code execution if a user opened a specially crafted file or visited a Web site that is running specially crafted script. The risk is MEDIUM. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Spliting a line after 255 characters.

Hi Guys, I have a file which contains multiple lines. I need to split each line 255 characters and then I need to add call statement in the front and semi colon at the end. I/P: call sp_rebuildindex('aaa.aaa','column column column column column column column column column column ... (4 Replies)
Discussion started by: Booo
4 Replies

2. Shell Programming and Scripting

echo !SR | nc 255.255.2.2 80 - how to in XP?

Hi guys I am trying to interface with an old industrial scanner through an old PC with an old network card and a copy of Linux. It now needs to speak to a Windows XP machine, but I have no idea what the Windows equivalent of these functions would are: echo !1 | nc 255.255.2.2 80 echo ?2 | nc... (3 Replies)
Discussion started by: TonyG
3 Replies

3. Shell Programming and Scripting

sed limitation of 255 characters

Gurus, sed -e "s/\(.\{1,255\}\)\(.\{1,2\}\)\(.*\)/\1AB\3/" FILE ---this works sed -e "s/\(.\{1,468\}\)\(.\{1,2\}\)\(.*\)/\1AB\3/" FILE ---this does not It works only till 1,255 ( any number below 255 works) Any one know how to increase this limit. Thanks Sirababu (4 Replies)
Discussion started by: sirababu
4 Replies

4. Solaris

Exit status 255 on sftp

HI guys When i try SFTP to a machine using a user account whose entry in /etc/passwd as follows user:x:8005:508::/export/home/user:/bin/false and i am not placed my keys over there i am using the password option in the sftp Since the keys are not there it ask for the password ... (5 Replies)
Discussion started by: GIC1986
5 Replies

5. Programming

make[1] *** [libsupp.a] Error 255

I have searched google and these forums as well. I am trying to compile proftpd on a vanilla Solaris 10 server and I am getting an error when I try to 'make' Server - Solaris 10 update 4 Installed packages from sunfreeware.com autoconf-2.60-sol10-sparc-local... (2 Replies)
Discussion started by: jjsoladmin
2 Replies

6. Shell Programming and Scripting

I dont want to know any search engines

I just want to know where I can download it on this website plz (1 Reply)
Discussion started by: memattmyself
1 Replies
Login or Register to Ask a Question

LEARN ABOUT ULTRIX

userfile

USERFILE(5)							File Formats Manual						       USERFILE(5)

Name
       USERFILE - defines uucp security

Syntax
       /usr/lib/uucp/USERFILE

Description
       The  utility  uses the USERFILE to establish what access a remote system can have to the local system.  An entry should exist for each sys-
       tem.  If no entries exist for a particular system, the default entries are used.  The entries for particular  systems  have  the  following
       format:

       login-name , node-name X # path-name

       login-name
		 The name with which the remote system logs in.

       node-name The name of the remote node.

       X#	 The  execution  level	for  the remote system.  The remote system can execute commands defined in the file that have an execution
		 level less than or equal to the number #.

       path-name The remote system can access anything at the local system with this prefix.

       Two entries must also be provided for systems not otherwise listed:

	    remote, X# path-name ...
	    local, X# path-name ...

       These entries define the execution level and access pathnames for the local system and all remote systems not defined by specific entries.

Examples
       remote, X1 /usr/spool/uucppublic
       local, X9 /
       max,systemY /usr/sources /usr/src/share
       max,systemZ X3 /usr
       In the above example, the node named systemY with the login name max has access to anything with the pathname prefixes and The  node  named
       systemZ	with  the  login  name max can execute commands defined in with an execution level of 3 or lower.  It can access anything with the
       pathname prefix

       Any other remote systems can execute commands defined in with an execution level of 1 or 0.  They can access  anything  with  the  pathname
       prefix of

       Users on the local system can execute any of the commands defined in and access anything on the system.

See Also
       Guide to the uucp Utility

																       USERFILE(5)