Information Disclosure in Microsoft VBScript and JScript in Internet Explorer and Other Products
CVE-2015-6135

Currently unrated

Key Information:

Vendor: Microsoft
Status: Jscript; Vbscript
Vendor: CVE Published:; 9 December 2015

What is CVE-2015-6135?

The vulnerability in Microsoft VBScript and JScript engines allows attackers to exploit crafted web pages to extract sensitive information from process memory. This occurs in Internet Explorer versions 8 through 11 and other supporting products. If successfully executed, this could grant unauthorized access to potentially critical data, posing a significant risk to user privacy and security.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1034315

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2015
Vulnerability Reserved
Aug 14, 2015