Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3034682) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS15-009.

Impact

Successful exploitation will allow context -dependent attacker to corrupt memory, execute arbitrary code and compromise a user's system. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the link, https://technet.microsoft.com/library/security/MS15-009

Insight

Multiple flaws are due to an error related to display:run-in handling, user supplied input is not properly validated and multiple unspecified vulnerabilities.

Affected

Microsoft Internet Explorer version 6.x/7.x/8.x/9.x/10.x/11.x

Detection

Get the vulnerable file version and check appropriate patch is applied or not.

References

http://osvdb.org/118141
https://support.microsoft.com/kb/3034682
https://technet.microsoft.com/library/security/MS15-009

Updated on 2015-03-25

Severity

Classification

Related Vulnerabilities

Message Queuing Remote Code Execution Vulnerability (951071)
ADODB.Stream object from Internet Explorer (KB870669)
Microsoft GDI+ Remote Code Execution Vulnerability (2489979)
Microsoft .NET Framework and Microsoft Silverlight Remote Code Execution Vulnerabilities (2651026)
Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)

Take action and discover your vulnerabilities