Microsoft » Internet Explorer : Security Vulnerabilities Published In 2015
Microsoft Internet Explorer 9 through 11 improperly implements a cross-site scripting (XSS) protection mechanism, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, aka "Internet Explorer XSS Filter Bypass Vulnerability."
| Max Base Score | 6.8 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 1.87% |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6152.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 50.65% |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
| Max Base Score | 4.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 69.84% |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, and CVE-2015-6159.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 43.43% |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, and CVE-2015-6160.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 65.61% |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6159, and CVE-2015-6160.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 8.09% |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
| Max Base Score | 4.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 82.70% |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6148.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 50.65% |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 8.09% |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6150.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 14.86% |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 14.86% |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6162.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2020-06-24 |
| EPSS | 88.48% |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6083.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 65.61% |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6154.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 43.43% |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6147.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 43.43% |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6156.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 65.61% |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6149.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 43.43% |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6145.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 50.65% |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6146.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 50.65% |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Browser XSS Filter Bypass Vulnerability."
| Max Base Score | 4.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 3.29% |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 43.43% |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 65.61% |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6134.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 43.43% |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 14.86% |
Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."
| Max Base Score | 9.3 |
| Published | 2015-12-09 |
| Updated | 2018-10-12 |
| EPSS | 1.12% |