Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-2440
HistoryAug 15, 2015 - 12:59 a.m.

CVE-2015-2440

2015-08-1500:59:12
CWE-200
[email protected]
web.nvd.nist.gov
27
cve-2015-2440
microsoft xml core services
aslr bypass
crafted web site
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.728 High

EPSS

Percentile

98.1%

JSON

Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka “MSXML Information Disclosure Vulnerability.”

Affected configurations

NVD
Node
microsoftxml_core_servicesMatch3.0
OR
microsoftxml_core_servicesMatch5.0
OR
microsoftxml_core_servicesMatch6.0

Related

cvelist 1
nvd 1
zdi 1
symantec 1
prion 1
openvas 2
mskb 1
nessus 1
kaspersky 1
securityvulns 1
cvelist
cvelist
CVE-2015-2440
2015-08-15 00:00:00
nvd
nvd
CVE-2015-2440
2015-08-15 00:59:12
zdi
zdi
Microsoft MSXML generate-id Information Disclosure Vulnerability
2015-08-11 00:00:00
symantec
symantec
Microsoft XML Core Services CVE-2015-2440 Information Disclosure Vulnerability
2015-08-11 00:00:00
prion
prion
Information disclosure
2015-08-15 00:59:00
openvas
openvas
Microsoft Office XML Core Services Information Disclosure Vulnerability (3080129)
2015-08-12 00:00:00
Microsoft Windows XML Core Services Information Disclosure Vulnerability (3080129)
2015-08-12 00:00:00
mskb
mskb
MS15-084: Vulnerabilities in XML core services could allow information disclosure: August 11, 2015
2015-08-11 00:00:00
nessus
nessus
MS15-084: Vulnerabilities in XML Core Services Could Allow Information Disclosure (3080129)
2015-08-11 00:00:00
kaspersky
kaspersky
KLA10646 Multiple vulnerabilities in Microsoft Windows
2015-08-11 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-08-24 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.728 High

EPSS

Percentile

98.1%

JSON
Related for CVE-2015-2440
cvelist1nvd1zdi1symantec1prion1openvas2mskb1nessus1kaspersky1securityvulns1