CERT-In Vulnerability Note
CIVN-2015-0254
Multiple Vulnerabilities in Microsoft Windows
Original Issue Date: October 14, 2015
Severity Rating: HIGH
Software Affected
- JScript 5.7 and VBScript 5.7 for Windows Vista Service Pack 2 (32 bit and x64 Edition)
- JScript 5.7 and VBScript 5.7 for Windows Server 2008 Service Pack 2 (32-bit Systems, x64-based Systems and Itanium-based Systems)
- JScript 5.7 and VBScript 5.7 for Windows Server 2008 Service Pack 2 (32-bit Systems and x64-based Systems Server Core Installation)
- JScript 5.8 and VBScript 5.8 for Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation only)
Overview
Multiple vulnerabilities have been reported in Microsoft Windows which could be exploited by a remote attacker to execute arbitrary code, gain privileges of the targeted user, cause denial of service conditions or access sensitive information on the targeted system.
Description
1. Multiple Scripting Engine Memory Corruption Vulnerabilities (CVE-2015-2482, CVE-2015-6055)
Multiple remote code execution vulnerabilities exist in the VBScript and JScript engines due to improper handling of objects in memory. A remote attacker could exploit these vulnerabilities by creating a specially crafted web page and enticing the user to visit this page or by embedding a "safe for initialization" ActiveX control in an application or Microsoft Office document hosting the IE rendering engine. Successful exploitation of these vulnerabilities could allow an attacker to gain the privileges of the targeted user. If the targeted user is logged in with admin privileges, the attacker could gain complete control of the target system. Failed attacks may result in denial-of-service conditions (memory corruption).
Workaround
- Restrict access to VBScript.dll and JScript.dll
2. VBScript and JScript ASLR Bypass Vulnerability (CVE-2015-6052)
A security feature bypass vulnerability exists in the VBScript and JScript engines due to failure to use the Address Space Layout Randomization (ASLR) security feature. An unauthenticated, remote attacker could exploit this vulnerability by creating a specially crafted website and enticing a logged-in user on a targeted system to view it. Successful exploitation of this vulnerability could allow the attacker to bypass the ASLR security restrictions.
Workaround
- Restrict access to VBScript.dll
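To check whether the "Restrict access" workaround listed under items 1 and 2 is in place on a host, the following PowerShell audit can be used. It is an added example, not part of the CERT-In note, and it assumes the restriction is implemented as an NTFS Deny entry for the Everyone group (SID S-1-1-0); the function name `Get-EveryoneDenyState` and the state labels are made up for illustration.

```powershell
# Added example (not from the advisory): audit the "restrict access" workaround.
# Assumption: the restriction is an NTFS Deny ACE for Everyone (SID S-1-1-0).
# Run from an elevated 64-bit PowerShell 2.0+ session so System32 is not redirected.

$everyoneSid = 'S-1-1-0'
$dlls = 'vbscript.dll', 'jscript.dll'
# SysWOW64 exists only on 64-bit Windows; missing files are reported, not fatal.
$dirs = @((Join-Path $env:windir 'System32'), (Join-Path $env:windir 'SysWOW64'))

function Get-EveryoneDenyState([string]$Path) {
    if (-not (Test-Path $Path)) { return 'NotPresent' }
    try {
        $acl = Get-Acl -Path $Path -ErrorAction Stop
    } catch {
        # The caller is neither owner nor allowed to read the DACL.
        return 'AclUnreadable'
    }
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Deny') { continue }
        try {
            # Compare by SID so the check does not depend on the OS display language.
            $sid = $ace.IdentityReference.Translate(
                [System.Security.Principal.SecurityIdentifier])
        } catch {
            continue   # orphaned or unresolvable account
        }
        if ($sid.Value -eq $everyoneSid) { return 'Denied' }
    }
    return 'NotDenied'
}

$report = foreach ($dir in $dirs) {
    foreach ($dll in $dlls) {
        $path = Join-Path $dir $dll
        New-Object PSObject -Property @{
            Path  = $path
            State = Get-EveryoneDenyState $path
        }
    }
}

$report | Select-Object Path, State | Format-Table -AutoSize
```

A `NotDenied` result only shows that the workaround is absent on that file; it says nothing about whether the MS15-108 update is installed.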
3. Scripting Engine Information Disclosure Vulnerability (CVE-2015-6059)
An information disclosure vulnerability exists in the VBScript and JScript engines due to improper disclosure of the contents of memory. A remote attacker could exploit this vulnerability by creating a specially crafted website and enticing the user to visit this website. Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information and could use it to launch further attacks.
Solution
Apply appropriate updates as mentioned in the Microsoft Security Bulletin MS15-108
Vendor Information
Microsoft
https://technet.microsoft.com/en-us/library/security/ms15-108
References
Microsoft
https://technet.microsoft.com/en-us/library/security/ms15-108
Symantec
http://www.symantec.com/security_response/vulnerability.jsp?bid=77010
http://www.symantec.com/security_response/vulnerability.jsp?bid=77005
http://www.symantec.com/security_response/vulnerability.jsp?bid=77000
http://www.symantec.com/security_response/vulnerability.jsp?bid=77007
CVE Name
CVE-2015-2482
CVE-2015-6055
CVE-2015-6052
CVE-2015-6059
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, CGO Complex, Lodhi Road, New Delhi - 110 003 India