CVE-2015-2406

2015-07-1421:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-2406

microsoft

internet explorer

memory corruption

remote code execution

denial of service

nvd

7.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.376 Low

EPSS

Percentile

97.2%

JSON

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, and CVE-2015-2422.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq10
microsoft:internet_explorermicrosoft internet explorereq8
microsoft:internet_explorermicrosoft internet explorereq7
microsoft:internet_explorermicrosoft internet explorereq11
microsoft:internet_explorermicrosoft internet explorereq6
microsoft:internet_explorermicrosoft internet explorereq9

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	10
microsoft:internet_explorer	microsoft internet explorer	eq	8
microsoft:internet_explorer	microsoft internet explorer	eq	7
microsoft:internet_explorer	microsoft internet explorer	eq	11
microsoft:internet_explorer	microsoft internet explorer	eq	6
microsoft:internet_explorer	microsoft internet explorer	eq	9