CVE-2015-6047

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 8 through 11

Description The issue is related to the EditWith feature in Microsoft Internet Explorer, which allows remote attackers to bypass the AppContainer protection mechanism and gain privileges. This can be achieved via a DelegateExecute launch of an arbitrary application, demonstrating a transition from Low Integrity to Medium Integrity. The vulnerability exists due to insufficient access restrictions to certain functions, potentially allowing a script to be run with elevated privileges under specific conditions. However, it does not allow arbitrary code to be run by itself but could be used in conjunction with another vulnerability to take advantage of the elevated privileges.

Recommendations For Microsoft Internet Explorer versions 8 through 11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.