The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft Internet Explorer

computer vulnerability CVE-2015-1652 CVE-2015-1657 CVE-2015-1659

Internet Explorer: ten vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Internet Explorer.
Impacted products: IE.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 10.
Creation date: 14/04/2015.
Identifiers: 3038314, CERTFR-2015-AVI-150, CVE-2015-1652, CVE-2015-1657, CVE-2015-1659, CVE-2015-1660, CVE-2015-1661, CVE-2015-1662, CVE-2015-1665, CVE-2015-1666, CVE-2015-1667, CVE-2015-1668, MS15-032, VIGILANCE-VUL-16595, ZDI-15-124, ZDI-15-125, ZDI-15-126, ZDI-15-127, ZDI-15-128, ZDI-15-129, ZDI-15-130, ZDI-15-131, ZDI-15-136.

Description of the vulnerability

Several vulnerabilities were announced in Internet Explorer.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1652, ZDI-15-131]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1657]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1659, ZDI-15-136]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1660, ZDI-15-126]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1661, ZDI-15-127]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1662]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1665, ZDI-15-128]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1666, ZDI-15-129]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1667, ZDI-15-130]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1668, ZDI-15-124, ZDI-15-125]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2015-0332 CVE-2015-0333 CVE-2015-0334

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, IE, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 11.
Creation date: 13/03/2015.
Identifiers: 2755801, APSB15-05, CERTFR-2015-AVI-114, CVE-2015-0332, CVE-2015-0333, CVE-2015-0334, CVE-2015-0335, CVE-2015-0336, CVE-2015-0337, CVE-2015-0338, CVE-2015-0339, CVE-2015-0340, CVE-2015-0341, CVE-2015-0342, openSUSE-SU-2015:0490-1, openSUSE-SU-2015:0496-1, openSUSE-SU-2015:0725-1, RHSA-2015:0697-01, SUSE-SU-2015:0491-1, SUSE-SU-2015:0493-1, VIGILANCE-VUL-16387, ZDI-15-087.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0332]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0333]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0335]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0339]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0334]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0336]

An attacker can access to data of another web site. [severity:2/4; CVE-2015-0337]

An attacker can upload a malicious file, in order for example to upload a Trojan. [severity:3/4; CVE-2015-0340]

An attacker can generate an integer overflow, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0338]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0341, ZDI-15-087]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0342]
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2015-0311

Adobe Flash Player: use after free via UncompressViaZlibVariant

Synthesis of the vulnerability

An attacker can invite the victim to display a malicious Adobe Flash Player animation, to force the usage of a freed memory area in ByteArray::UncompressViaZlibVariant, in order to trigger a denial of service, and possibly to execute code.
Impacted products: Flash Player, IE, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 22/01/2015.
Revisions dates: 23/01/2015, 12/03/2015.
Identifiers: 2755801, APSA15-01, CVE-2015-0311, openSUSE-SU-2015:0150-1, openSUSE-SU-2015:0174-1, RHSA-2015:0094-01, SUSE-SU-2015:0151-1, SUSE-SU-2015:0163-1, VIGILANCE-VUL-16034.

Description of the vulnerability

The Adobe Flash Player product displays animations included in web pages.

However, the ByteArray::UncompressViaZlibVariant function frees a memory area before reusing it.

An attacker can therefore invite the victim to display a malicious Adobe Flash Player animation, to force the usage of a freed memory area in ByteArray::UncompressViaZlibVariant, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2015-0032 CVE-2015-0056 CVE-2015-0072

IE: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IE.
Impacted products: IE.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 12.
Creation date: 10/03/2015.
Identifiers: 3032359, CERTFR-2015-ALE-004, CERTFR-2015-AVI-094, CVE-2015-0032, CVE-2015-0056, CVE-2015-0072, CVE-2015-0099, CVE-2015-0100, CVE-2015-1622, CVE-2015-1623, CVE-2015-1624, CVE-2015-1625, CVE-2015-1626, CVE-2015-1627, CVE-2015-1634, MS15-018, VIGILANCE-VUL-16362, ZDI-15-075, ZDI-15-077, ZDI-15-080, ZDI-15-081, ZDI-15-082, ZDI-15-083, ZDI-15-084, ZDI-15-255.

Description of the vulnerability

Several vulnerabilities were announced in IE.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0056, ZDI-15-077]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0099, ZDI-15-080]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0100, ZDI-15-081]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1622, ZDI-15-082, ZDI-15-255]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1623, ZDI-15-083]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1624, ZDI-15-084]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1625]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1626, ZDI-15-075]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-1634]

An attacker can generate a memory corruption in VBScript, in order to trigger a denial of service, and possibly to execute code (VIGILANCE-VUL-16363). [severity:4/4; CVE-2015-0032]

An attacker can trigger a Cross Site Scripting in Internet Explorer via a Frame and a Redirect, in order to execute JavaScript code in the context of the web site (VIGILANCE-VUL-16098). [severity:2/4; CERTFR-2015-ALE-004, CVE-2015-0072]

An attacker can use a script, in order to escalate his privileges. [severity:3/4; CVE-2015-1627]
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2015-1637

Windows Schannel: weakening TLS encryption via FREAK

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can force the Windows Schannel client to accept a weak export algorithm, in order to more easily capture or alter exchanged data.
Impacted products: IE, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: internet server.
Creation date: 06/03/2015.
Identifiers: 3046015, 3046049, CERTFR-2015-AVI-107, CVE-2015-1637, FREAK, MS15-031, VIGILANCE-VUL-16332, VU#243585.

Description of the vulnerability

The TLS protocol uses a series of messages which have to be exchanged between the client and the server, before establishing a secured session.

Several cryptographic algorithms can be negotiated, such as algorithms allowed for USA export (less than 512 bits).

An attacker, located as a Man-in-the-Middle, can inject during the session initialization a message choosing an export algorithm. This message should generate an error, however, the Windows Schannel client accepts it.

Microsoft indicates that this vulnerability is different from VIGILANCE-VUL-16301, because export algorithms are disabled, but still used. Excepted this policy difference, this vulnerability is identical.

An attacker, located as a Man-in-the-Middle, can therefore force the Windows Schannel client to accept a weak export algorithm, in order to more easily capture or alter exchanged data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2015-0017 CVE-2015-0018 CVE-2015-0019

Internet Explorer: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Internet Explorer.
Impacted products: IE.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 40.
Creation date: 10/02/2015.
Identifiers: 3034682, CERTFR-2015-AVI-060, CVE-2015-0017, CVE-2015-0018, CVE-2015-0019, CVE-2015-0020, CVE-2015-0021, CVE-2015-0022, CVE-2015-0023, CVE-2015-0025, CVE-2015-0026, CVE-2015-0027, CVE-2015-0028, CVE-2015-0029, CVE-2015-0030, CVE-2015-0031, CVE-2015-0035, CVE-2015-0036, CVE-2015-0037, CVE-2015-0038, CVE-2015-0039, CVE-2015-0040, CVE-2015-0041, CVE-2015-0042, CVE-2015-0043, CVE-2015-0044, CVE-2015-0045, CVE-2015-0046, CVE-2015-0048, CVE-2015-0049, CVE-2015-0050, CVE-2015-0051, CVE-2015-0052, CVE-2015-0053, CVE-2015-0054, CVE-2015-0055, CVE-2015-0066, CVE-2015-0067, CVE-2015-0068, CVE-2015-0069, CVE-2015-0070, CVE-2015-0071, MS15-009, VIGILANCE-VUL-16159, ZDI-15-013, ZDI-15-014, ZDI-15-015, ZDI-15-016, ZDI-15-017, ZDI-15-018, ZDI-15-019, ZDI-15-020, ZDI-15-021, ZDI-15-022, ZDI-15-023, ZDI-15-024, ZDI-15-025, ZDI-15-026, ZDI-15-027, ZDI-15-028, ZDI-15-029, ZDI-15-102.

Description of the vulnerability

Several vulnerabilities were announced in Internet Explorer.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0017, ZDI-15-013]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0018]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0019]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0020]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0021]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0022]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0023]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0025, ZDI-15-014]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0026]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0027, ZDI-15-015]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0028]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0029]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0030]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0031, ZDI-15-016]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0035, ZDI-15-017, ZDI-15-018]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0036, ZDI-15-019]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0037, ZDI-15-020]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0038, ZDI-15-021]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0039]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0040, ZDI-15-022]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0041, ZDI-15-023]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0042, ZDI-15-024]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0043, ZDI-15-025, ZDI-15-102]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0044, ZDI-15-026]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0045, ZDI-15-027]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0046, ZDI-15-028]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0048]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0049]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0050]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0052]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0053, ZDI-15-029]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0066]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0067]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-0068]

An attacker can escalate his privileges. [severity:3/4; CVE-2015-0054]

An attacker can escalate his privileges. [severity:3/4; CVE-2015-0055]

An attacker can bypass ASLR, in order to exploit a memory corruption. [severity:2/4; CVE-2015-0051]

An attacker can bypass ASLR, in order to exploit a memory corruption. [severity:2/4; CVE-2015-0069]

An attacker can bypass ASLR, in order to exploit a memory corruption. [severity:2/4; CVE-2015-0071]

An attacker can access to another domain, in order to obtain sensitive information. [severity:2/4; CVE-2015-0070]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2015-0313

Adobe Flash Player: code execution

Synthesis of the vulnerability

An attacker can invite the victim to display a malicious Adobe Flash Player animation, in order to execute code.
Impacted products: Flash Player, IE, openSUSE, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 02/02/2015.
Revision date: 03/02/2015.
Identifiers: 2755801, APSA15-02, APSB15-04, CERTFR-2015-ALE-002, CERTFR-2015-AVI-055, CVE-2015-0313, openSUSE-SU-2015:0237-1, openSUSE-SU-2015:0238-1, SUSE-SU-2015:0236-1, SUSE-SU-2015:0239-1, VIGILANCE-VUL-16097.

Description of the vulnerability

The Adobe Flash Player product displays animations included in web pages.

However, an attacker can create an animation leading to code execution on victim's computer.

An attacker can therefore invite the victim to display a malicious Adobe Flash Player animation, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2015-0072

IE: Cross Site Scripting via Frame and Redirect

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Internet Explorer via a Frame and a Redirect, in order to execute JavaScript code in the context of the web site.
Impacted products: IE.
Severity: 3/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 03/02/2015.
Identifiers: 3032359, CERTFR-2015-ALE-004, CVE-2015-0072, MS15-018, VIGILANCE-VUL-16098.

Description of the vulnerability

An HTML Frame is used to include a document inside another one. The HTTP redirection redirects an url to another one.

However, using a Frame and a Redirect, a web site can access to another web site.

An attacker can therefore trigger a Cross Site Scripting in Internet Explorer via a Frame and a Redirect, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2015-0312

Adobe Flash Player: use after free

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area of Adobe Flash Player, in order to trigger a denial of service, and possibly to execute code.
Impacted products: Flash Player, IE, RHEL.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 27/01/2015.
Identifiers: 2755801, APSA15-01, APSB15-03, CVE-2015-0312, RHSA-2015:0094-01, VIGILANCE-VUL-16064.

Description of the vulnerability

The Adobe Flash Player product displays animations included in web pages.

However, a malicious animation forces the double free of a memory area.

An attacker can therefore force the usage of a freed memory area of Adobe Flash Player, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2015-0310

Adobe Flash Player: bypassing ASLR

Synthesis of the vulnerability

An attacker can bypass ASLR via Adobe Flash Player, in order to ease the exploitation of another vulnerability.
Impacted products: Flash Player, IE, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 23/01/2015.
Identifiers: 2755801, APSB15-02, CERTFR-2015-ALE-001, CERTFR-2015-AVI-037, CVE-2015-0310, openSUSE-SU-2015:0110-1, openSUSE-SU-2015:0147-1, openSUSE-SU-2015:0174-1, RHSA-2015:0094-01, SUSE-SU-2015:0129-1, SUSE-SU-2015:0135-1, VIGILANCE-VUL-16036.

Description of the vulnerability

Systems use ASLR in order to randomize memory addresses used by programs and libraries.

However, Adobe Flash Player allows an attacker to bypass this security feature.

An attacker can therefore bypass ASLR via Adobe Flash Player, in order to ease the exploitation of another vulnerability.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Microsoft Internet Explorer: