CVE-2015-2389 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents5 sources
Severity
9.3CRITICALNVD
EPSS
28.1%
top 3.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 14
Latest updateMay 14
Description
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and CVE-2015-2411.
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0
Affected Packages1 packages
🔴Vulnerability Details
6GHSA▶
GHSA-32gv-f76r-vj5h: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted↗2022-05-14
GHSA▶
GHSA-v9w4-3m67-cr79: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted↗2022-05-14
GHSA▶
GHSA-rg9g-2f45-9hgp: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted↗2022-05-14
CVEList▶
CVE-2015-2411: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted↗2015-07-14
CVEList▶
CVE-2015-2389: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted↗2015-07-14