Microsoft : Security Vulnerabilities, CVEs, Published In December 2015 (Information Leak)
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a different vulnerability than CVE-2015-6114.
Max CVSS
4.3
EPSS Score
9.98%
Published
2015-12-09
Updated
2018-10-12
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
Max CVSS
4.3
EPSS Score
81.14%
Published
2015-12-09
Updated
2018-10-12
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
Max CVSS
4.3
EPSS Score
29.20%
Published
2015-12-09
Updated
2018-10-12
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
Max CVSS
5.0
EPSS Score
8.25%
Published
2015-12-09
Updated
2018-10-12
CVE-2015-6127
Public exploit
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
Max CVSS
4.3
EPSS Score
85.53%
Published
2015-12-09
Updated
2019-05-15
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a different vulnerability than CVE-2015-6165.
Max CVSS
4.3
EPSS Score
9.98%
Published
2015-12-09
Updated
2018-10-12
6 vulnerabilities found