Signature Detail

HTTP: Microsoft Windows JScript Scripting Engine Remote Code Execution

This signature detects attempts to exploit a known vulnerability in the Microsoft Windows JScript Scripting Engine. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft JScript is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied input. Attackers can leverage this issue by enticing unsuspecting users to view a malicious webpage. Successful exploits would allow arbitrary code to run with the privileges of the currently logged-in user.

Affected Products

• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• Microsoft JScript 5.1
• Microsoft JScript 5.6
• Microsoft JScript 5.7
• Microsoft JScript 5.8
• Nortel Networks CallPilot 1002Rp
• Nortel Networks CallPilot 1005R
• Nortel Networks CallPilot 201I
• Nortel Networks CallPilot 202I
• Nortel Networks CallPilot 703T
• Nortel Networks Contact Center Administration
• Nortel Networks Contact Center Express
• Nortel Networks Contact Center Manager Server
• Nortel Networks Contact Center NCC
• Nortel Networks Contact Center - TAPI Server
• Nortel Networks Self-Service - CCSS7
• Nortel Networks Self-Service CCXML
• Nortel Networks Self-Service MPS 100
• Nortel Networks Self-Service MPS 1000
• Nortel Networks Self-Service MPS 500
• Nortel Networks Self-Service Peri Application
• Nortel Networks Self-Service Peri Workstation
• Nortel Networks Self-Service Speech Server
• Nortel Networks Self Service VoiceXML
• Nortel Networks Self-Service WVADS
• Nortel Networks Symposium Agent

References

• BugTraq: 36224
• CVE: CVE-2009-1920