KLA10677
Multiple vulnerabilities in Microsoft Internet Explorer
Updated: 06/02/2016
CVSS
?
9.3
Detect date
?
10/13/2015
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Improper memory objects access can be exploited remotely via a specially designed web site to execute arbitrary code;
  2. Improper memory objects handling at script engines can be exploited remotely via a specially designed web site to execute arbitrary code;
  3. Improper permissions validation can be exploited remotely via a specially designed web site to gain privileges;
  4. Improper memory disclosure can be exploited remotely to obtaib sensitive information;
  5. Lack of ASLR restrictions at script engines can be exploited remotely to obtain sensitive information;
  6. Improper memory content disclosure at script engine can be exploited remotely via a specially designed web site to obtain sensitive information.
Affected products

Microsoft Internet Explorer versions from 7 through 11

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS15-106

Impacts
?
ACE 
[?]

OSI 
[?]

SB 
[?]

PE 
[?]
Related products
Microsoft Internet Explorer
CVE-IDS
?

CVE-2015-6042
CVE-2015-6050
CVE-2015-6053
CVE-2015-6052
CVE-2015-6055
CVE-2015-6047
CVE-2015-6044
CVE-2015-6056
CVE-2015-6059
CVE-2015-6048
CVE-2015-6049
CVE-2015-2482
CVE-2015-6051
CVE-2015-6046

Microsoft official advisories
MS15-106
KB list

3097617
3094995
3096441
3094996
3093983