CVE-2015-6184Out-of-bounds Write in Microsoft Internet Explorer

3 documents3 sources
Severity
8.1HIGHNVD
CNA9.3
EPSS
49.7%
top 2.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedMar 9
Latest updateMay 14

Description

The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with modifications to HTML elements, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6048 and CVE-2015-6049.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-328f-gjph-mp98: The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial o2022-05-14
CVEList
CVE-2015-6184: The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial o2016-03-09
CVE-2015-6184 — Out-of-bounds Write in Microsoft | cvebase