CVE-2015-6168

Microsoft Edge - Remote Code Execution via Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-6168. PoCs published by Skylined.

AI-analyzed exploit summary The provided text describes a memory corruption vulnerability in Microsoft Edge (CVE-2015-6168), triggered by a specially crafted web page. It includes repro steps and variations but lacks executable exploit code.

Description

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6153.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Skylined · textdoswindows
https://www.exploit-db.com/exploits/40878

The provided text describes a memory corruption vulnerability in Microsoft Edge (CVE-2015-6168), triggered by a specially crafted web page. It includes repro steps and variations but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft Edge 11.0.10240.16384
No auth needed
Prerequisites: Target user must visit a malicious web page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit, Third Party Advisory x_refsource_misc
http://blog.skylined.nl/20161201001.html
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40878/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034316
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-583
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Dec/4

Scores

EPSS 0.3496
EPSS Percentile 98.2%

Details

CWE
CWE-119
Status published
Products (1)
microsoft/edge
Published Dec 09, 2015
Tracked Since Feb 18, 2026