5 matches found
One of my first sandbox escapes and bugs (CVE-2015-1743)
Advisory link: http://www.zerodayinitiative.com/advisories/ZDI-15-377/ CVE-2015-1743 Demo: https://www.youtube.com/watch?v=6Vtl8kh6keQ Below is one of my first sandbox escapes, and my entry into vulnerability research. My first bugs relied heavily on the work that Forshaw did my later ones deviat...
CVE-2015-1743
Microsoft Internet Explorer (IE) 7–11 contains an elevation-of-privilege vulnerability in the ActiveX Broker (CVE-2015-1743). A crafted web page can escape EPM and allow arbitrary code execution in an IE process, potentially compromising the user context. The issue is addressed by Microsoft via M...
Sandbox Escape: Microsoft Internet Explorer ActiveX Broker Allows EPM Bypass
This vulnerability CVE-2015-1743 was reported to Microsoft on March 10, 2015 and has been patched via MS15-056 https://technet.microsoft.com/library/security/MS15-056. There is a security vulnerability in Microsoft Internet Explorer's ActiveX Broker. Successfully exploiting this vulnerability...
Microsoft Internet Explorer CVE-2015-1743 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 7, 8, 9, 10, and 11 are vulnerable. Technologies Affected Avaya...
Microsoft Internet Explorer Elevation Of Privilege (MS15-056: CVE-2015-1743)
An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...