Дата обнаружения
|
11/08/2015 |
Уровень угрозы
|
High |
Описание
|
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to Bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities
Technical details To exploit (3) attacker must first leverage another vulnerability to cause code execution in IE with EPM. Than malicious can execute Excel, Notepad, PowerPoint or another with unsafe command line parameter. Another part of updates for this vulnerability listed in KLA10646, KLA10645 |
Пораженные продукты
|
Microsoft Internet Explorer versions from 7 through 11 |
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Первичный источник обнаружения
|
CVE-2015-2423 CVE-2015-2449 CVE-2015-2441 CVE-2015-2446 CVE-2015-2442 CVE-2015-2448 CVE-2015-2447 CVE-2015-2444 CVE-2015-2443 CVE-2015-2450 CVE-2015-2445 CVE-2015-2452 CVE-2015-2451 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
DoS
[?]
SB
[?]
|
Связанные продукты
|
Microsoft Internet Explorer |
CVE-IDS
|
CVE-2015-24234.3Warning
CVE-2015-24494.3Warning CVE-2015-24419.3Critical CVE-2015-24469.3Critical CVE-2015-24429.3Critical CVE-2015-24489.3Critical CVE-2015-24479.3Critical CVE-2015-24449.3Critical CVE-2015-24439.3Critical CVE-2015-24509.3Critical CVE-2015-24454.3Warning CVE-2015-24529.3Critical CVE-2015-24519.3Critical |