Microsoft Internet Explorer ASLR Bypass (CVE-2015-1685)
Data de publicação: 21 julho 2015
Schweregrad: : Crítico
Data do informe: 21 julho 2015
Descrição
A security feature bypass vulnerability exists when Internet Explorer does not use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker who successfully exploited this vulnerability could bypass the Address Space Layout Randomization (ASLR) security feature, which helps protect users from a broad class of vulnerabilities.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1006664