CVE-2015-2411
published 2015-07-14CVE-2015-2411: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web…
PriorityP348critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
13.02%
95.8th percentile
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and CVE-2015-2389.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-32gv-f76r-vj5h: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2015-1733 [CRITICAL] CWE-119 GHSA-32gv-f76r-vj5h: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2389 and CVE-2015-2411.
GHSA
GHSA-v9w4-3m67-cr79: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2015-2389 [CRITICAL] CWE-119 GHSA-v9w4-3m67-cr79: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and CVE-2015-2411.
GHSA
GHSA-rg9g-2f45-9hgp: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2015-2411 [CRITICAL] CWE-119 GHSA-rg9g-2f45-9hgp: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and CVE-2015-2389.
No detection rules found.
No public exploits indexed.
arXiv
SOK: On the Analysis of Web Browser Security
arxiv_fulltext·2021-12-31
SOK: On the Analysis of Web Browser Security
: On the Analysis of Web Browser Security
fancyplain
Rev.
\ of LastPage
Jungwon Lim*,\;
Yonghwi Jin*^ ,\;
Mansour Alharthi,\;
Xiaokuan Zhang,\;
Jinho Jung,\;
Rajat Gupta,\;
Kuilin Li,\;
Daehee Jang^ ,\;
Taesoo Kim\;
Georgia Institute of Technology ^ Theori Inc. ^ Sungshin Women's University
## Abstract
Web browsers are integral parts of everyone's daily life.
They are commonly used
for security-critical and privacy sensitive tasks,
like banking transactions and checking medical records.
Unfortunately,
modern web browsers are
too complex to be bug free
( , 25 million lines of code in Chrome),
and their role as an interface to the cyberspace
makes them an attractive target for attacks.
Accordingly,
web browsers naturally
become an arena for demonstrating
advanced exploitation techni
arXiv
Rethinking Misalignment to Raise the Bar for Heap Pointer Corruption
arxiv_fulltext·2018-08-08
Rethinking Misalignment to Raise the Bar for Heap Pointer Corruption
Rethinking Misalignment to Raise the Bar for Heap Pointer Corruption
Daehee Jang
KAIST
[email protected]
Hojoon Lee
KAIST
[email protected]
Brent Byunghoon Kang
KAIST
[email protected]
Michael Shell
Georgia Institute of Technology
[email protected]
Homer Simpson
Twentieth Century Fox
[email protected]
James Kirk
and Montgomery Scott
Starfleet Academy
[email protected]
\@IEEEpubidpullup9
Permission to freely reproduce all or part
of this paper for noncommercial purposes is granted provided that
copies bear this notice and the full citation on the first
page. Reproduction for commercial purposes is strictly prohibited
without the prior written consent of the Internet Society, the
first-named author (for reproduction of an entire paper only), and
the
Zscaler
Zscaler found Multiple Security Vulnerabilities | 07-21-2015
blogs_zscaler·CVSS 9.3
[CRITICAL] Zscaler found Multiple Security Vulnerabilities | 07-21-2015
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Zscaler
Zscaler found IE & MS Office Vulnerabilities | 07-14-2015
blogs_zscaler
Zscaler found IE & MS Office Vulnerabilities | 07-14-2015
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
2015-07-14
Published