Microsoft Internet Explorer vulnerabilities

CVE-2015-6074 [CRITICAL] CVE-2015-6074: Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6076, and CVE-2015-6087.

CVE-2015-6064 [CRITICAL] CWE-119 CVE-2015-6064: Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6084 and CVE-2015-6085.

CVE-2015-6086 [MEDIUM] CWE-200 CVE-2015-6086: Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information fro Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

CVE-2015-6088 [MEDIUM] CWE-200 CVE-2015-6088: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASL Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."

CVE-2015-6042 [CRITICAL] CWE-416 CVE-2015-6042: Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2015-6050 [CRITICAL] CWE-119 CVE-2015-6050: Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2015-6048 [CRITICAL] CWE-787 CVE-2015-6048: Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6049.

CVE-2015-6049 [CRITICAL] CVE-2015-6049: Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6048.

CVE-2015-6059 [MEDIUM] CWE-200 CVE-2015-6059: The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."

CVE-2015-6046 [MEDIUM] CWE-200 CVE-2015-6046: Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information fro Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

CVE-2015-6051 [MEDIUM] CVE-2015-6051: Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web s Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."

CVE-2015-6047 [MEDIUM] CWE-264 CVE-2015-6047: The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to b The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an arbitrary application, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability

CVE-2015-6053 [MEDIUM] CWE-200 CVE-2015-6053: Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka "Internet Explorer Information Disclosure Vulnerability."

CVE-2015-6052 [MEDIUM] CWE-200 CVE-2015-6052: The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass."

CVE-2015-6044 [MEDIUM] CWE-264 CVE-2015-6044: Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."

CVE-2015-2492 [CRITICAL] CVE-2015-2492: Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499.

CVE-2015-2485 [CRITICAL] CWE-119 CVE-2015-2485: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2491 and CVE-2015-2541.

CVE-2015-2491 [CRITICAL] CVE-2015-2491: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2485 and CVE-2015-2541.

CVE-2015-2542 [CRITICAL] CWE-119 CVE-2015-2542: Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."

CVE-2015-2490 [CRITICAL] CVE-2015-2490: Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499.