CVE-2015-2502

Published: Aug 19, 2015Modified: Apr 22, 2026CISA KEV

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015.

Affected (5)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 7

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 8

Running on/with	Platform Versions
Microsoft Windows Server 2008	Version r2 sp1

Configuration C

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 9

Running on/with	Platform Versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Vista	All versions

Configuration D

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 10

Running on/with	Platform Versions
Microsoft Windows 8	All versions
Microsoft Windows Server 2012	All versions

Configuration E

1 vulnerable · 6 platform

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 11

Running on/with	Platform Versions
Microsoft Windows 10 1507	All versions
Microsoft Windows 7	All versions
Microsoft Windows 8.1	All versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2012	Version r2