CVE-2015-1712
published 2015-05-13CVE-2015-1712: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site…
PriorityP352critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
26.88%
97.8th percentile
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1691.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3326-5gcc-rx5x: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted w
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2015-1712 [CRITICAL] CWE-119 GHSA-3326-5gcc-rx5x: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted w
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1691.
GHSA
GHSA-prj9-c479-85q8: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted w
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2015-1691 [CRITICAL] CWE-119 GHSA-prj9-c479-85q8: Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted w
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1712.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-1293 chromium-browser: Cross-origin bypass in DOM
bugzilla·2015-09-02·CVSS 7.5
CVE-2015-1293 [HIGH] CVE-2015-1293 chromium-browser: Cross-origin bypass in DOM
CVE-2015-1293 chromium-browser: Cross-origin bypass in DOM
An unspecified cross-origin bypass flaw was found in the DOM component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=524074
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1301 chromium-browser: various fixes from internal audits
bugzilla·2015-09-02·CVSS 7.5
CVE-2015-1301 [HIGH] CVE-2015-1301 chromium-browser: various fixes from internal audits
CVE-2015-1301 chromium-browser: various fixes from internal audits
Unspecified various fixes from internal audits were applied to the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=526825
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1294 chromium-browser: Use-after-free in Skia
bugzilla·2015-09-02·CVSS 7.5
CVE-2015-1294 [HIGH] CVE-2015-1294 chromium-browser: Use-after-free in Skia
CVE-2015-1294 chromium-browser: Use-after-free in Skia
An unspecified use-after-free flaw was found in the Skia component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=492263
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1299 chromium-browser: Use-after-free in Blink
bugzilla·2015-09-02·CVSS 7.5
CVE-2015-1299 [HIGH] CVE-2015-1299 chromium-browser: Use-after-free in Blink
CVE-2015-1299 chromium-browser: Use-after-free in Blink
An unspecified use-after-free flaw was found in the Blink component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=416362
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1298 chromium-browser: URL validation error in extensions
bugzilla·2015-09-02·CVSS 4.3
CVE-2015-1298 [MEDIUM] CVE-2015-1298 chromium-browser: URL validation error in extensions
CVE-2015-1298 chromium-browser: URL validation error in extensions
An unspecified url validation error flaw was found in the extensions component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=518827
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1292 chromium-browser: Cross-origin bypass in ServiceWorker
bugzilla·2015-09-02·CVSS 5.0
CVE-2015-1292 [MEDIUM] CVE-2015-1292 chromium-browser: Cross-origin bypass in ServiceWorker
CVE-2015-1292 chromium-browser: Cross-origin bypass in ServiceWorker
An unspecified cross-origin bypass flaw was found in the ServiceWorker component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=522791
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1291 chromium-browser: Cross-origin bypass in DOM
bugzilla·2015-09-02·CVSS 6.4
CVE-2015-1291 [MEDIUM] CVE-2015-1291 chromium-browser: Cross-origin bypass in DOM
CVE-2015-1291 chromium-browser: Cross-origin bypass in DOM
Cross-origin bypass in DOM
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=516377 (private)
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1296 chromium-browser: Character spoofing in omnibox
bugzilla·2015-09-02·CVSS 5.0
CVE-2015-1296 [MEDIUM] CVE-2015-1296 chromium-browser: Character spoofing in omnibox
CVE-2015-1296 chromium-browser: Character spoofing in omnibox
An unspecified character spoofing flaw was found in the omnibox component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=421332
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1295 chromium-browser: Use-after-free in Printing
bugzilla·2015-09-02·CVSS 7.5
CVE-2015-1295 [HIGH] CVE-2015-1295 chromium-browser: Use-after-free in Printing
CVE-2015-1295 chromium-browser: Use-after-free in Printing
An unspecified use-after-free flaw was found in the Printing component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=502562
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1297 chromium-browser: Permission scoping error in WebRequest
bugzilla·2015-09-02·CVSS 7.5
CVE-2015-1297 [HIGH] CVE-2015-1297 chromium-browser: Permission scoping error in WebRequest
CVE-2015-1297 chromium-browser: Permission scoping error in WebRequest
An unspecified permission scoping error flaw was found in the WebRequest component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=510802
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
Bugzilla
CVE-2015-1300 chromium-browser: Information leak in Blink
bugzilla·2015-09-02·CVSS 5.0
CVE-2015-1300 [MEDIUM] CVE-2015-1300 chromium-browser: Information leak in Blink
CVE-2015-1300 chromium-browser: Information leak in Blink
An unspecified information leak flaw was found in the Blink component of the Chromium browser.
Upstream bug: https://code.google.com/p/chromium/issues/detail?id=511616
External References:
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Discussion:
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2015:1712 https://rhn.redhat.com/errata/RHSA-2015-1712.html
http://www.securityfocus.com/bid/74515http://www.securitytracker.com/id/1032282https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043http://www.securityfocus.com/bid/74515http://www.securitytracker.com/id/1032282https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043
2015-05-13
Published