CVE-2015-2482

Microsoft JScript and VBScript - Remote Code Execution via Crafted Replace Operation with JavaScript Regular Expression

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2482. PoCs published by Skylined.

AI-analyzed exploit summary This PoC exploits a use-after-free vulnerability in Microsoft Internet Explorer 8's JavaScript engine by forcing the reuse of freed string memory during regular expression recompilation. The exploit leverages heap manipulation techniques to trigger the vulnerability.

Description

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka "Scripting Engine Memory Corruption Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Skylined · htmldoswindows

https://www.exploit-db.com/exploits/40798

View Code ZIP pw:eip

This PoC exploits a use-after-free vulnerability in Microsoft Internet Explorer 8's JavaScript engine by forcing the reuse of freed string memory during regular expression recompilation. The exploit leverages heap manipulation techniques to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Racy

Target: Microsoft Internet Explorer 8

No auth needed

Prerequisites: Target must visit a specially crafted web-page · JavaScript must be enabled in the target's browser

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-108

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1033800

Third Party Advisory mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2015/Oct/54

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40798/

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106

Third Party Advisory, VDB Entry x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-15-515

Scores

EPSS 0.6410

EPSS Percentile 98.5%

Details

CWE

CWE-119

Status published

Products (6)

microsoft/jscript 5.6

microsoft/jscript 5.7

microsoft/jscript 5.8

microsoft/vbscript 5.6

microsoft/vbscript 5.7

microsoft/vbscript 5.8

Published Oct 14, 2015

Tracked Since Feb 18, 2026