CVE-2015-6055

CWE-119Buffer Overflow3 documents3 sources
Severity
9.3CRITICAL
EPSS
44.4%
top 2.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft JscriptMicrosoft Vbscript
Timeline
PublishedOct 14
Latest updateMay 14

Description

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Filter arguments, aka "Scripting Engine Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDmicrosoft/jscript5.6, 5.7, 5.8+2
NVDmicrosoft/vbscript5.6, 5.7, 5.8+2

🔴Vulnerability Details

2
GHSA
GHSA-c2qw-hpjg-mph4: The Microsoft (1) VBScript 52022-05-14
CVEList
CVE-2015-6055: The Microsoft (1) VBScript 52015-10-14
CVE-2015-6055 (CRITICAL CVSS 9.3) | The Microsoft (1) VBScript 5.7 and | cvebase.io