Kaspersky LabKLA10472KLA10472 Multiple vulnerabilities in Internet Explorer
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
Detect date:
03/10/2015
Severity:
Critical
Description:
Multiple critical vulnerabilities have been found in Internet Explorer. Malicious users can exploit these vulnerabilities to gain privilleges, execute arbitrary code, cause denial of service, inject arbitrary code or bypass security restrictions.
Affected products:
Microsoft Internet Explorer versions from 6 to 11
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
Microsoft bulletin
CVE-2015-0032
CVE-2015-1622
CVE-2015-1634
CVE-2015-1624
CVE-2015-1623
CVE-2015-0072
CVE-2015-0099
CVE-2015-0100
CVE-2015-1626
CVE-2015-1625
CVE-2015-1627
CVE-2015-0056
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2015-00329.3Critical
CVE-2015-16229.3Critical
CVE-2015-16349.3Critical
CVE-2015-16249.3Critical
CVE-2015-16239.3Critical
CVE-2015-00724.3Warning
CVE-2015-00999.3Critical
CVE-2015-01009.3Critical
CVE-2015-16269.3Critical
CVE-2015-16259.3Critical
CVE-2015-16274.3Warning
CVE-2015-00569.3Critical
Microsoft official advisories:
KB list:
3030630
3030398
3032359
3030403
Exploitation:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
References
support.microsoft.com/kb/3030398
support.microsoft.com/kb/3030403
support.microsoft.com/kb/3030630
support.microsoft.com/kb/3032359
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0032
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0056
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1634
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0032
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0056
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0072
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0099
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0100
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1622
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1623
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1624
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1625
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1626
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1627
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1634
statistics.securelist.com/vulnerability-scan/month
technet.microsoft.com/en-us/library/security/ms15-018.aspx
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%