Information Disclosure in Microsoft VBScript and JScript in Internet Explorer and Other Products
CVE-2015-6135

Currently unrated

Key Information:

Vendor
Microsoft
Status
Jscript
Vbscript
Vendor
CVE Published:
9 December 2015

Summary

The vulnerability in Microsoft VBScript and JScript engines allows attackers to exploit crafted web pages to extract sensitive information from process memory. This occurs in Internet Explorer versions 8 through 11 and other supporting products. If successfully executed, this could grant unauthorized access to potentially critical data, posing a significant risk to user privacy and security.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securitytracker.com/id/1034315
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2015-6135 : Information Disclosure in Microsoft VBScript and JScript in Internet Explorer and Other Products | SecurityVulnerability.io