CVE-2015-6059

CWE-200Information Exposure3 documents3 sources
Severity
4.3MEDIUM
EPSS
22.3%
top 4.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Internet ExplorerMicrosoft JscriptMicrosoft Vbscript
Timeline
PublishedOct 14
Latest updateMay 14

Description

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

NVDmicrosoft/internet_explorer4 versions+3
NVDmicrosoft/jscript5.6, 5.7, 5.8+2
NVDmicrosoft/vbscript5.6, 5.7, 5.8+2

🔴Vulnerability Details

2
GHSA
GHSA-qfrq-h88r-mjg8: The Microsoft (1) VBScript 52022-05-14
CVEList
CVE-2015-6059: The Microsoft (1) VBScript 52015-10-14
CVE-2015-6059 (MEDIUM CVSS 4.3) | The Microsoft (1) VBScript 5.7 and | cvebase.io