header-logo
Suggest Exploit
vendor:
Internet Explorer
by:
theori-io
7,5
CVSS
HIGH
VBScript Memory Corruption in IE11
119
CWE
Product Name: Internet Explorer
Affected Version From: Internet Explorer 11
Affected Version To: Internet Explorer 11
Patch Exists: Yes
Related CWE: CVE-2016-0189
CPE: a:microsoft:internet_explorer:11
Metasploit: https://www.rapid7.com/db/modules/exploit/windows/browser/ms16_051_vbscript/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 10
2016

CVE-2016-0189

Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11). Tested on Windows 10 IE11. To run, download the support and exploit files, serve the directory using a webserver, and browse with a victim IE to vbscript_bypass_pm.html. Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40118.zip

Mitigation:

Disable VBScript in Internet Explorer, or use a different browser.
Source

Exploit-DB raw data:

Source: https://github.com/theori-io/cve-2016-0189

# CVE-2016-0189
Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)

Tested on Windows 10 IE11.

### Write-up
http://theori.io/research/cve-2016-0189

### To run
1. Download `support/*.dll` (or compile \*.cpp for yourself) and `exploit/*.html` to a directory.
2. Serve the directory using a webserver (or python's simple HTTP server).
3. Browse with a victim IE to `vbscript_bypass_pm.html`.
4. (Re-fresh or re-open in case it doesn't work; It's not 100% reliable.)

Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40118.zip

Navigation

Suggest Exploit

Services By CQR