CVE-2015-2500
published 2015-09-09CVE-2015-2500: Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site…
PriorityP353critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
23.76%
97.5th percentile
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv6.4MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xjfj-m4mp-3crw: Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted w
ghsa_unreviewed·2022-05-14
CVE-2015-2500 [HIGH] CWE-119 GHSA-xjfj-m4mp-3crw: Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted w
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
OSV
vnc4 vulnerabilities
osv·2021-03-15·CVSS 6.4
CVE-2015-0255 vnc4 vulnerabilities
vnc4 vulnerabilities
USN-2500-1 addressed CVE-2015-0255 for xorg-server. This update provides
the corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
(CVE-2015-0255)
USN-2726-1 addressed CVE-2015-1283 for Expat. This update provides the
corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
(CVE-2015-1283)
Original advisory details:
Olivier Fourdan discovered that the X.Org X server incorrectly handled
XkbSetGeometry requests resulting in an information leak. An attacker able
to connect to an X server, either locally or remotely, could use this issue
to possibly obtain sensitive information. (CVE-2015-0255)
It was discovered that Expat incorrectly handled malformed XML data. If a
user or application linked against Expat were tricked into opening a
crafte
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/76581http://www.securitytracker.com/id/1033487http://www.zerodayinitiative.com/advisories/ZDI-15-426https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094http://www.securityfocus.com/bid/76581http://www.securitytracker.com/id/1033487http://www.zerodayinitiative.com/advisories/ZDI-15-426https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094
2015-09-09
Published