Lucene search

Kaspersky LabKLA10594

HistoryJun 09, 2015 - 12:00 a.m.

KLA10594 Multiple vulnerabilities in Microsoft Internet Explorer

2015-06-0900:00:00

Kaspersky Lab

threats.kaspersky.com

118

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.877

Percentile

98.7%

JSON

An unspecified vulnerabilities were found in Microsoft Internet Explorer. By exploiting these vulnerabilities malicious users can gain privileges or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed web site.

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Related products

Microsoft-Internet-Explorer

CVE list

CVE-2015-1754 critical

CVE-2015-1753 critical

CVE-2015-1752 critical

CVE-2015-1751 critical

CVE-2015-1750 critical

CVE-2015-1687 critical

CVE-2015-1748 high

CVE-2015-1765 warning

CVE-2015-1741 critical

CVE-2015-1742 critical

CVE-2015-1736 critical

CVE-2015-1755 critical

CVE-2015-1732 critical

CVE-2015-1730 critical

CVE-2015-1737 critical

CVE-2015-1735 critical

CVE-2015-1747 critical

CVE-2015-1745 critical

CVE-2015-1731 critical

CVE-2015-1739 high

CVE-2015-1744 critical

CVE-2015-1743 high

CVE-2015-1766 critical

CVE-2015-1740 critical

KB list

3058515

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

Microsoft Internet Explorer versions from 6 through 11

References

support.microsoft.com/kb/3058515

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1687

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1730

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1731

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1732

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1735

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1736

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1737

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1739

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1740

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1741

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1742

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1743

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1744

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1745

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1747

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1748

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1750

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1751

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1752

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1753

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1754

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1755

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1765

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1766

statistics.securelist.com/

technet.microsoft.com/en-us/library/security/ms15-056

threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.877

Percentile

98.7%

JSON

Related for KLA10594