CVE-2015-2548
published 2015-10-14CVE-2015-2548: Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute…
PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
24.59%
97.6th percentile
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerability."
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Unit42
Palo Alto Networks Researcher Discovers Critical IE Vulnerability
blogs_unit42·2015-10-27·CVSS 9.3
CVE-2015-2548 [CRITICAL] Palo Alto Networks Researcher Discovers Critical IE Vulnerability
Palo Alto Networks researcher Hui Gao was credited with discovery of a new critical Internet Explorer (IE) vulnerability affecting IE versions 6, 7, 8, 9, 10 and 11. CVE-2015-2548 is included in Microsoft's October 2015 Security Bulletin and documented in Microsoft Security Bulletin MS15-109.
In our continuing commitment to the security research community, these vulnerabilities were disclosed to Microsoft through our participation in the Microsoft Active Protections Program (MAPP) program, which ensures the timely, responsible disclosure of new vulnerabilities and creation of protections from security vendors. (As of this writing, Microsoft researcher Bo Qu was also credited with critical IE vulnerability discoveries in August and July, acknowledged in revisions to Microsoft Security Bull
Unit42
Palo Alto Networks Researcher Discovers Critical IE Vulnerability
blogs_unit42·2015-10-27·CVSS 9.3
CVE-2015-2548 [CRITICAL] Palo Alto Networks Researcher Discovers Critical IE Vulnerability
## Palo Alto Networks Researcher Discovers Critical IE Vulnerability
Ryan Olson
Published: October 27, 2015
Threat Research
Vulnerabilities
Internet Explorer
Microsoft
Microsoft Security Bulletin
Palo Alto Networks researcher Hui Gao was credited with discovery of a new critical Internet Explorer (IE) vulnerability affecting IE versions 6, 7, 8, 9, 10 and 11. CVE-2015-2548 is included in Microsoft's October 2015 Security Bulletin and documented in Microsoft Security Bulletin MS15-109 .
In our continuing commitment to the security research community, these vulnerabilities were disclosed to Microsoft through our participation in the Microsoft Active Protections Program (MAPP) program, which ensures the timely, responsible disclosure of new vulnerabilities and creation of protection
Talos
Microsoft Patch Tuesday - October 2015
blogs_talos·2015-10-13·CVSS 9.3
[CRITICAL] Microsoft Patch Tuesday - October 2015
## Microsoft Patch Tuesday - October 2015
Microsoft's Patch Tuesday has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is fairly light with a total of 6 bulletins released addressing 33 vulnerabilities. Half of the bulletins are rated "Critical" and address vulnerabilities in Internet Explorer, JScript/VBScript, and the Windows Shell. The other half of the bulletins are rated "Important" and address vulnerabilities in Edge, Office, and the Windows Kernel.
## Bulletins Rated Critical MS15-106, MS15-108, are MS15-109 are rated Critical in this month's release.
MS15-106 is this month's Internet Explorer security bulletin for versions 7 through 11. In total, 14 vulnerabil
Talos
Microsoft Patch Tuesday - October 2015
blogs_talos·2015-10-13·CVSS 9.3
[CRITICAL] Microsoft Patch Tuesday - October 2015
Microsoft's Patch Tuesday has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is fairly light with a total of 6 bulletins released addressing 33 vulnerabilities. Half of the bulletins are rated "Critical" and address vulnerabilities in Internet Explorer, JScript/VBScript, and the Windows Shell. The other half of the bulletins are rated "Important" and address vulnerabilities in Edge, Office, and the Windows Kernel.
### Bulletins Rated Critical MS15-106, MS15-108, are MS15-109 are rated Critical in this month's release.
MS15-106 is this month's Internet Explorer security bulletin for versions 7 through 11. In total, 14 vulnerabilities were addressed with most of them bei
Zscaler
Zscaler detects IE & MS Office Vulnerabilities | 10-13-2015
blogs_zscaler
Zscaler detects IE & MS Office Vulnerabilities | 10-13-2015
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
2015-10-14
Published