CVE-2015-0069

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 10 through 11

Description A security feature bypass issue exists due to Internet Explorer not utilizing the Address Space Layout Randomization (ASLR) security feature. This allows an attacker to more reliably predict memory offsets of specific instructions in a given call stack. An attacker who successfully exploits this issue could bypass the ASLR security feature, which protects users from a broad class of vulnerabilities. This bypass by itself does not allow arbitrary code execution, but it could be used in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code.

Recommendations For Microsoft Internet Explorer versions 10 and 11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.