CVE-2015-2482

CVE Database · CVE-2015-2482

CVE-2015-2482

· N/AModified

CVSS v3.1

N/A

EPSS

32.29%

Published

Oct 13, 2015

Modified

May 6, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Internet Explorer 8 - jscript 'RegExpBase::FBadHeader' Use-After-Free (MS15-018)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka "Scripting Engine Memory Corruption Vulnerability."

Weaknesses (CWE)

CWE-119

Affected Products (10)

microsoft · jscriptvulnerable

microsoft · vbscriptvulnerable

microsoft · internet_explorer

References (12)

http://seclists.org/fulldisclosure/2015/Oct/54

Third Party Advisory

http://www.securitytracker.com/id/1033800

Third Party AdvisoryVDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-15-515