CVE-2015-6055

Name of the Vulnerable Software and Affected Versions Internet Explorer versions 8 through 11 VBScript versions 5.7 and 5.8 JScript versions 5.7 and 5.8

Description A remote code execution issue exists due to the way VBScript and JScript engines handle objects in memory. This could allow an attacker to execute arbitrary code or cause a denial of service via crafted Filter arguments, potentially gaining the same user rights as the current user. If the current user has administrative rights, an attacker could take control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Internet Explorer versions 8 through 11, update the VBScript and JScript engines to a non-vulnerable version. For VBScript versions 5.7 and 5.8, consider disabling the Filter function as a temporary workaround until a patch is available. For JScript versions 5.7 and 5.8, restrict access to potentially vulnerable memory rendering functions to minimize the risk of exploitation.