CVE-2015-2440

Currently unrated

Key Information:

Vendor: Microsoft
Status: Xml Core Services
Vendor: CVE Published:; 15 August 2015

Summary

Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "MSXML Information Disclosure Vulnerability."

References

http://www.securitytracker.com/id/1033241

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/76232

vdb-entryx_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-15-381

x_refsource_MISC

EPSS Score

56% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 15, 2015
Vulnerability Reserved
Mar 19, 2015

Collectors

NVD DatabaseMitre Database