CVE-2015-0053
published 2015-02-11CVE-2015-0053: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web…
PriorityP350critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
15.53%
96.4th percentile
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0045.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-f2hw-fh3p-h6gp: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craft
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2015-0053 [CRITICAL] GHSA-f2hw-fh3p-h6gp: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craft
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0045.
GHSA
GHSA-r2hj-3857-22x9: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craft
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2015-0045 [CRITICAL] GHSA-r2hj-3857-22x9: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craft
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0053.
No detection rules found.
Exploit-DB
Adobe Flash - '.SWF' Out-of-Bounds Memory Read (1)
exploitdb·2015-08-19
CVE-2015-5131 Adobe Flash - '.SWF' Out-of-Bounds Memory Read (1)
Adobe Flash - '.SWF' Out-of-Bounds Memory Read (1)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=361&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id
The following access violation was observed in the Adobe Flash Player plugin:
(150c.ca0): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for FlashPlayer.exe -
eax=078a53b7 ebx=00f28938 ecx=002dea24 edx=000085ed esi=000085ee edi=09d9eee0
eip=0139a657 esp=002de9b4 ebp=002deda4 iopl=0 nv up ei ng nz ac pe cy
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210297
FlashPlayer!WinMainSandboxed+0x572f0:
Exploit-DB
Adobe Flash - '.SWF' Out-of-Bounds Memory Read (2)
exploitdb·2015-08-19
CVE-2015-5132 Adobe Flash - '.SWF' Out-of-Bounds Memory Read (2)
Adobe Flash - '.SWF' Out-of-Bounds Memory Read (2)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=362&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id
The following access violation was observed in the Adobe Flash Player plugin:
(1dec.1af0): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for FlashPlayer.exe -
eax=00006261 ebx=00001501 ecx=010ae1e4 edx=00006262 esi=0736dda0 edi=05a860d0
eip=0044ae55 esp=010ae170 ebp=010ae564 iopl=0 nv up ei ng nz ac pe cy
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210297
FlashPlayer!WinMainSandboxed+0x57aee:
Exploit-DB
Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF
exploitdb·2015-08-19
CVE-2015-5133 Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF
Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=363&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id
The following access violation was observed in the Adobe Flash Player plugin:
(1ba8.1c60): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found. Defaulted to export symbols for FlashPlayer.exe -
eax=0004c800 ebx=00000000 ecx=08982000 edx=00002588 esi=00001200 edi=0042d46c
eip=017723c0 esp=0042d278 ebp=0042d3c4 iopl=0 nv up ei pl nz na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210
http://www.securityfocus.com/bid/72421http://www.securitytracker.com/id/1031723https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009http://www.securityfocus.com/bid/72421http://www.securitytracker.com/id/1031723https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009
2015-02-11
Published