KLA10677
Multiple vulnerabilities in Microsoft Internet Explorer
Обновлено: 17/06/2019
Дата обнаружения
13/10/2015
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Improper memory objects access can be exploited remotely via a specially designed web site to execute arbitrary code;
  2. Improper memory objects handling at script engines can be exploited remotely via a specially designed web site to execute arbitrary code;
  3. Improper permissions validation can be exploited remotely via a specially designed web site to gain privileges;
  4. Improper memory disclosure can be exploited remotely to obtaib sensitive information;
  5. Lack of ASLR restrictions at script engines can be exploited remotely to obtain sensitive information;
  6. Improper memory content disclosure at script engine can be exploited remotely via a specially designed web site to obtain sensitive information.
Пораженные продукты

Microsoft Internet Explorer versions from 7 through 11

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-2482
CVE-2015-6055
CVE-2015-6059
CVE-2015-6052
CVE-2015-6044
CVE-2015-6047
CVE-2015-6056
CVE-2015-6053
CVE-2015-6050
CVE-2015-6051
CVE-2015-6048
CVE-2015-6049
CVE-2015-6046
CVE-2015-6042
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
Microsoft Internet Explorer
CVE-IDS
CVE-2015-24829.3Critical
CVE-2015-60559.3Critical
CVE-2015-60594.3Warning
CVE-2015-60524.3Warning
CVE-2015-60446.8High
CVE-2015-60476.8High
CVE-2015-60569.3Critical
CVE-2015-60535.0Critical
CVE-2015-60509.3Critical
CVE-2015-60514.3Warning
CVE-2015-60489.3Critical
CVE-2015-60499.3Critical
CVE-2015-60464.3Warning
CVE-2015-60429.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3097617
3094995
3094996
3093983
3096441