CVE-2015-2404 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer20 documents4 sources
Severity
9.3CRITICALNVD
EPSS
28.1%
top 3.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 14
Latest updateMay 14
Description
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2397, CVE-2015-2406, and CVE-2015-2422.
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0
Affected Packages1 packages
🔴Vulnerability Details
12GHSA▶
GHSA-cpqg-xg8c-6gp4: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf↗2022-05-14
GHSA▶
GHSA-9pmr-jfqr-pfw6: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf↗2022-05-14
GHSA▶
GHSA-p8m9-gfwm-x8x9: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf↗2022-05-14
GHSA▶
GHSA-348m-7646-3j86: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf↗2022-05-14
GHSA▶
GHSA-gq59-hwfj-fcg7: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf↗2022-05-14