CVE-2015-6059

Name of the Vulnerable Software and Affected Versions Internet Explorer versions 8 through 11 VBScript versions 5.7 and 5.8 JScript versions 5.7 and 5.8

Description The issue is related to the improper disclosure of memory contents by the JScript or VBScript engines, potentially allowing remote attackers to obtain sensitive information from process memory via a crafted web site. An attacker must know the memory address of where the object was created to exploit this issue.

Recommendations For Internet Explorer versions 8 through 11, update the scripting engines to a non-vulnerable version. For VBScript versions 5.7 and 5.8, consider disabling the scripting engine until a patch is available. For JScript versions 5.7 and 5.8, restrict access to sensitive data to minimize the risk of exploitation.