CVE-2015-2493

Name of the Vulnerable Software and Affected Versions Internet Explorer 8

Description The issue is related to the VBScript and JScript engines in Internet Explorer, which can allow remote attackers to execute arbitrary code or cause a denial of service due to memory corruption via a crafted web site. This is caused by a buffer overflow in the implementation of these scripting engines. An attacker who successfully exploits the issue could gain the same user rights as the current user, potentially taking control of an affected system if the current user has administrative rights. This could enable the attacker to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Internet Explorer 8, consider applying security updates or patches that address the scripting engine memory corruption issue to prevent remote code execution and denial of service attacks. As a temporary workaround, consider restricting the use of VBScript and JScript engines in Internet Explorer until a patch is available.