CVE-2021-34448
Scripting Engine Memory Corruption Vulnerability
In short
A flaw in the scripting engine allows attackers to corrupt memory by sending specially crafted input, potentially causing the application to crash or behave unexpectedly. This vulnerability requires user interaction or specific conditions to be exploited.
Technical detail
CWE-787 (Out-of-bounds Write) in the scripting engine allows an attacker to write beyond allocated buffer boundaries through malformed script input. Exploitation typically requires script execution context and can result in denial of service or potential code execution depending on memory layout and mitigations.
Summary generated and translated by AI from the official description.
Scripting Engine Memory Corruption Vulnerability
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Affected products
Microsoft · Windows 10 Version 1507Microsoft · Windows 10 Version 1607Microsoft · Windows 10 Version 1809Microsoft · Windows 10 Version 1909Microsoft · Windows 10 Version 2004Microsoft · Windows 10 Version 20H2Microsoft · Windows 10 Version 21H1Microsoft · Windows 7Microsoft · Windows 7 Service Pack 1Microsoft · Windows 8.1Microsoft · Windows Server 2008 R2 Service Pack 1Microsoft · Windows Server 2012Microsoft · Windows Server 2012 R2Microsoft · Windows Server 2016Microsoft · Windows Server 2019Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →