KLA10634
Multiple vulnerabilities in Microsoft Internet Explorer

Обновлено: 18/06/2020
Дата обнаружения
14/07/2015
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to read local files, cause denial of service, bypass security restrictions, execute arbitrary code, gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Unknown vulnerability can be exploited remotely via a specially designed web site to obtain sensitive information;
  2. Unknown vulnerability at vectors related to JScript, VBScript or other unknown vectors can be exploited remotely via a specially designed web site to execute arbitrary code or cause denial of service;
  3. Unknown vulnerability can be exploited remotely via a specially designed pathname to read local files;
  4. Unknown vulnerability can be exploited remotely via a specially designed module-resource request or stylesheet to determine existence of local files;
  5. Unknown vulnerability at vectors related to image caching can be exploited remotely to obtain sensitive information;
  6. Unknown vulnerability can be exploited remotely via a specially designed HTML to bypass XSS filter;
  7. Unknown vulnerability can be exploited remotely via a specially designed web site to bypass ASLR;
  8. Unknown vulnerability can be exploited remotely via a specially designed web site to gain privileges.
Пораженные продукты

Microsoft Internet Explorer versions from 8 through 11

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-2372
CVE-2015-2388
CVE-2015-2389
CVE-2015-2408
CVE-2015-2425
CVE-2015-2403
CVE-2015-2402
CVE-2015-2404
CVE-2015-2406
CVE-2015-1729
CVE-2015-2412
CVE-2015-2384
CVE-2015-2385
CVE-2015-2422
CVE-2015-2390
CVE-2015-2391
CVE-2015-1738
CVE-2015-1733
CVE-2015-1767
CVE-2015-2383
CVE-2015-2410
CVE-2015-2413
CVE-2015-2414
CVE-2015-2411
CVE-2015-2397
CVE-2015-2398
CVE-2015-2419
CVE-2015-2421
CVE-2015-2401
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]

RLF 
[?]
Связанные продукты
Microsoft Internet Explorer
CVE-IDS
CVE-2015-23729.3Critical
CVE-2015-23889.3Critical
CVE-2015-23899.3Critical
CVE-2015-24089.3Critical
CVE-2015-24259.3Critical
CVE-2015-24039.3Critical
CVE-2015-24024.3Warning
CVE-2015-24049.3Critical
CVE-2015-24069.3Critical
CVE-2015-17294.3Warning
CVE-2015-24124.3Warning
CVE-2015-23849.3Critical
CVE-2015-23859.3Critical
CVE-2015-24229.3Critical
CVE-2015-23909.3Critical
CVE-2015-23919.3Critical
CVE-2015-17389.3Critical
CVE-2015-17339.3Critical
CVE-2015-17679.3Critical
CVE-2015-23839.3Critical
CVE-2015-24104.3Warning
CVE-2015-24134.3Warning
CVE-2015-24144.3Warning
CVE-2015-24119.3Critical
CVE-2015-23979.3Critical
CVE-2015-23984.3Warning
CVE-2015-24199.3Critical
CVE-2015-24214.3Warning
CVE-2015-24019.3Critical