CVE-2015-2372

Microsoft VBScript 5.6-5.8 - Remote Code Execution via Memory Corruption

Title source: llm
STIX 2.1

Description

vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032894
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032895

Scores

EPSS 0.2024
EPSS Percentile 97.2%

Details

CWE
CWE-119
Status published
Products (3)
microsoft/vbscript 5.6
microsoft/vbscript 5.7
microsoft/vbscript 5.8
Published Jul 14, 2015
Tracked Since Feb 18, 2026