CVSS: 9.3EPSS: 72%CPEs: 5EXPL: 0CVE-2015-2492
https://notcve.org/view.php?id=CVE-2015-2492
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499. Vulnerabilidad en Microsoft Internet Explorer 7 hasta la versión 11, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como 'Memory Corruption Vulnerability,' una vulnerabilidad diferente a CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2494, CVE-2015-2498 y CVE-2015-2499. • http://www.securityfocus.com/bid/76578 http://www.securitytracker.com/id/1033487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 48%CPEs: 6EXPL: 0CVE-2015-2494
https://notcve.org/view.php?id=CVE-2015-2494
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2498, and CVE-2015-2499. Vulnerabilidad en Microsoft Internet Explorer 7 hasta la versión 11 y Microsoft Edge, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como 'Memory Corruption Vulnerability,' una vulnerabilidad diferente a CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2498 y CVE-2015-2499. • http://www.securityfocus.com/bid/76570 http://www.securitytracker.com/id/1033487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-095 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 48%CPEs: 3EXPL: 0CVE-2015-2542
https://notcve.org/view.php?id=CVE-2015-2542
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability." Vulnerabilidad en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como 'Memory Corruption Vulnerability.' • http://www.securityfocus.com/bid/76571 http://www.securitytracker.com/id/1033487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-095 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 1%CPEs: 1EXPL: 0CVE-2015-2489 – Microsoft Internet Explorer ISettingsBroker Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2015-2489
Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Elevation of Privilege Vulnerability." Vulnerabilidad en Microsoft Internet Explorer 11, permite a atacantes remotos obtener privilegios a través de un sitio web manipulado, según lo demostrado por una transición desde Low Integrity hasta Medium Integrity, también conocida como 'Elevation of Privilege Vulnerability.' This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of ISettingsBroker. By using a specified CLSID to the setValue method, an attacker can modify privileged registry values. • http://www.securityfocus.com/bid/76585 http://www.securitytracker.com/id/1033487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 46%CPEs: 4EXPL: 0CVE-2015-2485 – Microsoft Internet Explorer Element ID Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2485
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2491 and CVE-2015-2541. Vulnerabilidad en Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como 'Memory Corruption Vulnerability,' una vulnerabilidad diferente a CVE-2015-2491 y CVE-2015-2541. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer processes the IDs of HTML elements. By manipulating a document's elements an attacker can cause a CPtrAry<CDOMNode*> object in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/76572 http://www.securitytracker.com/id/1033487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-095 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •