Information Disclosure Vulnerability in Microsoft Silverlight 5
CVE-2015-6165

Currently unrated

Key Information:

Vendor: Microsoft
Status: Silverlight
Vendor: CVE Published:; 9 December 2015

What is CVE-2015-6165?

Microsoft Silverlight 5, prior to version 5.1.41105.00, contains an information disclosure vulnerability that can be exploited by remote attackers to bypass the Address Space Layout Randomization (ASLR) security feature. This flaw could allow an attacker to craft malicious websites that leverage this vulnerability, potentially exposing sensitive data or system information. Proper updates and security measures are crucial to mitigate risks associated with this vulnerability.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1034321

vdb-entryx_refsource_SECTRACK

EPSS Score

26% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 9, 2015
Vulnerability Reserved
Aug 14, 2015