Gravité: Critique
  Identifiant(s) CVE: : CVE-2015-2502
  Date du conseil: 18 août 2015


This vulnerability exists in several versions of the Windows browser Internet Explorer. The vulnerability lies in the way Internet Explorer accesses objects in memory. Attackers could exploit this vulnerability and allow remote code execution on the vulnerable machine. Attackers looking to take advantage of this vulnerability lures potential victims to click on malicious links in instant messages, email messages, and the like.

Affected versions of Internet Explorer are versions 7 to 11, installed in Windows operating systems from Windows Vista to Windows 10.

  Information Exposure Rating:

Vulnerability Protection in Trend Micro Deep Security protects user systems from threats that may leverage this vulnerability with the following DPI rule:

  • 1006957 - Microsoft Internet Explorer Arbitrary Remote Code Execution Vulnerability


  Affected software and version:

  • Internet Explorer 8
  • Internet Explorer 7
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11