Lucene search
HistoryOct 14, 2015 - 1:59 a.m.
CVE-2015-6052
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.016
Percentile
87.8%
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka “VBScript and JScript ASLR Bypass.”
Affected configurations
Node
microsoftjscriptMatch5.7
ORmicrosoftjscriptMatch5.8
ORmicrosoftvbscriptMatch5.7
ORmicrosoftvbscriptMatch5.8
microsoftinternet_explorerMatch8
ORmicrosoftinternet_explorerMatch9
ORmicrosoftinternet_explorerMatch10
ORmicrosoftinternet_explorerMatch11-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | jscript | 5.7 | cpe:2.3:a:microsoft:jscript:5.7:*:*:*:*:*:*:* |
| microsoft | jscript | 5.8 | cpe:2.3:a:microsoft:jscript:5.8:*:*:*:*:*:*:* |
| microsoft | vbscript | 5.7 | cpe:2.3:a:microsoft:vbscript:5.7:*:*:*:*:*:*:* |
| microsoft | vbscript | 5.8 | cpe:2.3:a:microsoft:vbscript:5.8:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 8 | cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 9 | cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 10 | cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:* |
| microsoft | internet_explorer | 11 | cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:* |
Related
prion
prion
Security feature bypass
2015-10-14 01:59:00
cvelist
cvelist
CVE-2015-6052
2015-10-14 01:00:00
symantec
symantec
checkpoint_advisories
checkpoint_advisories
Microsoft VBScript and JScript ASLR Bypass (MS15-106: CVE-2015-6052)
2015-10-13 00:00:00
cve
cve
CVE-2015-6052
2015-10-14 01:59:23
openvas
openvas
Microsoft Windows JScript and VBScript Remote Code Execution Vulnerability (3089659)
2015-10-14 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (3096441)
2015-10-14 00:00:00
kaspersky
kaspersky
KLA10676 Multiple vulnerabilities in Microsoft JScript and VBScript
2015-10-13 00:00:00
KLA10677 Multiple vulnerabilities in Microsoft Internet Explorer
2015-10-13 00:00:00
nessus
nessus
mskb
mskb
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-10-25 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.016
Percentile
87.8%
Related for NVD:CVE-2015-6052