Memory Corruption Vulnerability in Microsoft VBScript and JScript Engines
CVE-2015-6055

Currently unrated

Key Information:

Vendor: Microsoft
Status: Jscript; Vbscript
Vendor: CVE Published:; 14 October 2015

Summary

The vulnerability allows remote attackers to execute arbitrary code or induce a denial of service through specially crafted Filter arguments processed by the VBScript and JScript engines. This flaw affects multiple versions of Internet Explorer and can lead to significant security risks if exploited, facilitating unauthorized access to system resources.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.zerodayinitiative.com/advisories/ZDI-15-537

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-15-521

x_refsource_MISC

EPSS Score

39% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 14, 2015
Vulnerability Reserved
Aug 14, 2015