cbcvebase.
CVE-2015-6086
published 2015-11-11

CVE-2015-6086: Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet…

PriorityP333medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
26.04%
97.7th percentile
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

Affected

3 ranges
VendorProductVersion rangeFixed in
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer

Detection & IOCsextracted from sources · hover to see the quote

otherCDOMStringDataList::InitFromString
  • Exploit targets CDOMStringDataList::InitFromString in MSHTML.DLL via an out-of-bounds read to leak the MSHTML base address, enabling ASLR bypass on IE 9/10/11 Windows 7 SP1 x86.
  • Exploit reads VFTable pointer from sprayed MsGestureEvent objects to compute MSHTML.DLL base address offset; look for anomalous memory reads relative to heap-sprayed regions in iexplore.exe.
  • The PoC targets IE 10-11 on Windows 7 SP1 x86 specifically for ASLR bypass; scope detection rules to iexplore.exe on 32-bit Windows 7 SP1 systems.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.