Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2502)
Publish Date: 19 de sierpnia de 2015
Severity: : Critical
CVE Kennungen: : CVE-2015-2502
Advisory Date: 18 de sierpnia de 2015
DESCRIPTION
This vulnerability exists in several versions of the Windows browser Internet Explorer. The vulnerability lies in the way Internet Explorer accesses objects in memory. Attackers could exploit this vulnerability and allow remote code execution on the vulnerable machine. Attackers looking to take advantage of this vulnerability lures potential victims to click on malicious links in instant messages, email messages, and the like.
Affected versions of Internet Explorer are versions 7 to 11, installed in Windows operating systems from Windows Vista to Windows 10.
INFORMATION EXPOSURE
Vulnerability Protection in Trend Micro Deep Security protects user systems from threats that may leverage this vulnerability with the following DPI rule:
- 1006957 - Microsoft Internet Explorer Arbitrary Remote Code Execution Vulnerability
SOLUTION
AFFECTED SOFTWARE AND VERSION:
- Internet Explorer 8
- Internet Explorer 7
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11