CVE-2015-2471

Currently unrated

Key Information:

Vendor: Microsoft
Status: Xml Core Services
Vendor: CVE Published:; 15 August 2015

Summary

Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2434.

References

http://www.securitytracker.com/id/1033241

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 15, 2015
Vulnerability Reserved
Mar 19, 2015

Collectors

NVD DatabaseMitre Database