CVE-2015-2372

Name of the Vulnerable Software and Affected Versions Microsoft VBScript versions 5.6 through 5.8

Description A remote code execution issue exists in the way the VBScript engine handles objects in memory when rendered in Internet Explorer. This could allow an attacker to execute arbitrary code or cause a denial of service due to memory corruption via a crafted web site. An attacker who successfully exploits this issue could gain the same user rights as the current user, potentially taking complete control of an affected system if the current user has administrative rights.

Recommendations For Microsoft VBScript versions 5.6 through 5.8, update to a version that is not affected by this issue to prevent exploitation.