Lucene search
HistoryDec 09, 2015 - 11:59 a.m.
CVE-2015-6144
cve-2015-6144
microsoft
internet explorer
edge
xss
http
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.1 Medium
AI Score
Confidence
High
0.031 Low
EPSS
Percentile
91.1%
Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka “Microsoft Browser XSS Filter Bypass Vulnerability.”
Affected configurations
Node
microsoftinternet_explorerMatch8
ORmicrosoftinternet_explorerMatch9
ORmicrosoftinternet_explorerMatch10
ORmicrosoftinternet_explorerMatch11-
Related
prion
prion
Cross site scripting
2015-12-09 11:59:00
cvelist
cvelist
CVE-2015-6144
2015-12-09 11:00:00
nvd
nvd
CVE-2015-6144
2015-12-09 11:59:27
symantec
symantec
mskb
mskb
MS15-124: Cumulative Security Update for Internet Explorer: December 8, 2015
2015-12-08 00:00:00
nessus
nessus
MS15-124: Cumulative Security Update for Internet Explorer (3116180)
2015-12-08 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (3116180)
2015-12-09 00:00:00
kaspersky
kaspersky
KLA10720 Multiple vulnerabilities in Microsoft Internet Explorer & Edge
2015-12-08 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.1 Medium
AI Score
Confidence
High
0.031 Low
EPSS
Percentile
91.1%
Related for CVE-2015-6144