CVE-2015-1713 — Use After Free in Microsoft Internet Explorer

CWE-264 CWE-416 — Use After Free8 documents6 sources

Severity

6.8MEDIUMNVD

EPSS

11.0%

top 6.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedMay 13

Latest updateMay 14

Description

Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer11

🔴Vulnerability Details

GHSA

GHSA-7687-8cj4-w742: Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulner↗2022-05-14

▶

💥Exploits & PoCs

Exploit-DB

Vtiger CRM 6.3.0 - (Authenticated) Arbitrary File Upload (Metasploit)↗2018-03-30

▶

📋Vendor Advisories

Red Hat

webkitgtk: use-after-free in the AttributeSetter function (WSA-2015-0001)↗2015-01-26

▶

🕵️Threat Intelligence

Zscaler

Zscaler found Multiple Security Vulnerabilities | 05-12-2015↗

▶

💬Community

Bugzilla

CVE-2015-3247 spice: memory corruption in worker_update_monitors_config()↗2015-06-18

▶

Bugzilla

CVE-2015-1841 RHEV-M: webadmin automatic logout fails if VM is selected↗2015-03-26

▶

Bugzilla

CVE-2014-1713 webkitgtk: use-after-free in the AttributeSetter function (WSA-2015-0001)↗2015-01-27

▶