VBScript ASLR Bypass in Microsoft IE & VBScript Engine
CVE-2015-1684

Currently unrated

Key Information:

Vendor

Microsoft
Status
Vbscript
Vendor
CVE Published:
13 May 2015

What is CVE-2015-1684?

The vulnerability exists in the VBScript.dll component of the Microsoft VBScript engine versions 5.6 through 5.8, utilized in Internet Explorer versions 8 through 11 and other Microsoft products. A remote attacker could exploit this flaw to bypass the ASLR protection mechanism by crafting a malicious website. This allows the attacker to execute arbitrary code on the affected system, potentially compromising user data and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/74522
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1032282
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.