Microsoft Internet Explorer And Microsoft Edge Object Use-After-Free Remote Code Execution Vulnerability
XLAB ID: XLAB-15-025
CVE ID: CVE-2015-1752
Patch Status: Fixed
Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer and Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. An attacker can leverage this vulnerability to execute code under the context of the current process.
Disclosure Timeline:
| 2015/03/05 | provide vulnerability detail to Microsoft Security Response Center via secure@microsoft.com |
|---|---|
| 2015/04/01 | Microsoft Security Response Center automatic reply |
| 2015/06/09 | Microsoft Security Response Center assigned CVE-ID CVE-2015-1752 |
Credit:
This vulnerability was discovered by: exp-sky