CVE-2015-2487

2015-09-0900:59:05

CWE-119

microsoft

web.nvd.nist.gov

cve-2015-2487

microsoft internet explorer

remote code execution

memory corruption

web security

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

High

EPSS

0.645

Percentile

97.9%

JSON

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2486, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499.

Affected configurations

Nvd

Node

microsoftinternet_explorerMatch7

microsoftinternet_explorerMatch8

microsoftinternet_explorerMatch9

microsoftinternet_explorerMatch10

microsoftinternet_explorerMatch11-

VendorProductVersionCPE
microsoftinternet_explorer10cpe:/a:microsoft:internet_explorer:10:::
microsoftinternet_explorer8cpe:/a:microsoft:internet_explorer:8:::
microsoftinternet_explorer11cpe:/a:microsoft:internet_explorer:11:-::
microsoftinternet_explorer9cpe:/a:microsoft:internet_explorer:9:::
microsoftinternet_explorer7cpe:/a:microsoft:internet_explorer:7:::

Vendor	Product	Version	CPE
microsoft	internet_explorer	10	cpe:/a:microsoft:internet_explorer:10:::
microsoft	internet_explorer	8	cpe:/a:microsoft:internet_explorer:8:::
microsoft	internet_explorer	11	cpe:/a:microsoft:internet_explorer:11:-::
microsoft	internet_explorer	9	cpe:/a:microsoft:internet_explorer:9:::
microsoft	internet_explorer	7	cpe:/a:microsoft:internet_explorer:7:::