Vulnerability Details CVE-2015-6045
Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts with use of the Cascading Style Sheets (CSS) empty-cells property for a TABLE element, aka "Internet Explorer Memory Corruption Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.344
EPSS Ranking 96.8%
CVSS Severity
CVSS v2 Score 9.3
References
- http://www.zerodayinitiative.com/advisories/ZDI-15-523
- http://www.zerodayinitiative.com/advisories/ZDI-15-523/
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106
- http://www.zerodayinitiative.com/advisories/ZDI-15-523
- http://www.zerodayinitiative.com/advisories/ZDI-15-523/
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106
Products affected by CVE-2015-6045
-
cpe:2.3:a:microsoft:internet_explorer:11