Vulnerabilities > CVE-2015-1662 - Resource Management Errors vulnerability in Microsoft Internet Explorer 11

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
microsoft
CWE-399
critical
nessus

Summary

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1659 and CVE-2015-1665.

Vulnerable Configurations

Part Description Count
Application
Microsoft
1

Common Weakness Enumeration (CWE)

Msbulletin

bulletin_idMS15-032
bulletin_url
date2015-04-14T00:00:00
impactRemote Code Execution
knowledgebase_id3038314
knowledgebase_url
severityCritical
titleCumulative Security Update for Internet Explorer

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS15-032.NASL
descriptionThe version of Internet Explorer installed on the remote host is missing Cumulative Security Update 3038314. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these vulnerabilities by convincing a user to visit a specially crafted website. Note that KB3038314 was updated on April 22, 2015, for Internet Explorer for Windows Server 2003. If this update was installed prior to April 22, it will need to be reinstalled to be fully protected.
last seen2020-06-01
modified2020-06-02
plugin id82770
published2015-04-14
reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/82770
titleMS15-032: Cumulative Security Update for Internet Explorer (3038314)