CVE-2015-2391

Name of the Vulnerable Software and Affected Versions Internet Explorer versions 9

Description The issue is caused by a buffer overflow in dynamic memory, allowing a remote attacker to execute arbitrary code or cause a denial of service via a specially crafted web site. This vulnerability could corrupt memory, enabling an attacker to execute arbitrary code in the context of the current user. If the current user has administrative rights, the attacker could gain complete control of the affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Internet Explorer version 9, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to specially crafted web sites to minimize the risk of exploitation.