Vulnerability

CERT-In Vulnerability Note CIVN-2015-0252
Multiple Vulnerabilities in Microsoft Internet Explorer

Original Issue Date:October 14, 2015

Severity Rating: HIGH

Systems Affected

Windows Vista SP 2
Windows Vista x64 Edition SP 2
Windows Server 2008 for 32-bit Systems SP2, x64-based Systems SP2 and Itanium-based Systems SP2
Windows Server 2008 R2 for x64-based Systems SP1 and Itanium-based Systems SP1
Windows 7 for 32-bit Systems SP1 and x64-based Systems SP1
Windows 8 for 32-bit Systems and x64-based Systems
Windows 8.1 for 32-bit Systems and x64-based Systems
Windows 10 for 32-bit Systems and x64-based System
Windows RT
Windows RT 8.1
Windows Server 2012
Windows Server 2012 R2
Internet Explorer 7, 8, 9, 10 and 11
VBScript 5.7
VBScript 5.8
Jscript 5.7
Jscript 5.8

Overview

Multiple vulnerabilities have been reported in Microsoft Internet Explorer which could allow a remote attacker to cause elevation of privileges, bypass security restrictions, execute arbitrary code or allow access to sensitive information.

Description

1. Multiple Remote Code Execution Vulnerabilities ( CVE-2015-6046 CVE-2015-6048 CVE-2015-6049 CVE-2015-6050 CVE-2015-6042 )

Multiple remote code execution vulnerabilities exist in Microsoft Internet Explorer due to improper accessing of objects in the memory. A remote attacker could exploit these vulnerabilities by enticing the targeted user to visit a malicious website through Internet Explorer which could result in memory corruption of the targeted system. Successful exploitation of the vulnerabilities could lead to execution of an arbitrary code in the context of the logged in user.

2. Multiple Scripting Engine Memory Corruption Vulnerabilities ( CVE-2015-2482 CVE-2015-6055 CVE-2015-6056 )

Multiple remote code execution vulnerabilities exist in Microsoft Internet Explorer due to improper accessing of objects in the memory while rendering the VBScript and JScript engines. A remote attacker could exploit these vulnerabilities by convincing the targeted user to visit a specially crafted website through Internet Explorer or by embedding a "safe for initialization" ActiveX control in an application or Microsoft Office document which hosts the IE rendering engine resulting in memory corruption of the targeted system.
Successful exploitation of the vulnerabilities could allow the attacker to gain elevated privileges of the target user. The attacker could also gain complete control of the target system if the user is logged in with admin privileges.

Workaround

Restrict access to VBScript.dll and JScript.dll

3. Privilege Elevation Vulnerabilities ( CVE-2015-6044 CVE-2015-6047 CVE-2015-6051 )

Multiple privilege elevation vulnerabilities exist in Microsoft Internet Explorer due to improper validation of permissions under specific conditions. A remote attacker could exploit these vulnerabilities by convincing a user to view a specially crafted website. Successful exploitation of this vulnerability could allow the attacker to gain elevated privileges of the targeted system.
Also, this vulnerability in conjunction with other vulnerabilities could lead to further attacks.

Workaround

Remove the .rdp file association

4. Information Disclosure Vulnerability ( CVE-2015-6053 )

A vulnerability exists in Internet Explorer due to an error while disclosing contents of its memory. A remote attacker could exploit this vulnerability by enticing the target user to view a specially crafted webpage. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information from the process memory.

5. VBScript and JScript Address Space Layout Randomization (ASLR) Bypass Vulnerability ( CVE-2015-6052 )

An ASLR bypass vulnerability exists in Microsoft Internet Explorer due to the failure of the VBScript and JScript engines to use the Address Space Layout Randomization (ASLR) security feature. A remote attacker could exploit this vulnerability by enticing the target user to view a specially crafted webpage. Successful exploitation of this vulnerability could allow the attacker to bypass the ASLR security feature. This vulnerability in conjunction with other vulnerabilities could lead to further attacks.

Workaround

Restrict access to VBScript.dll

6. Scripting Engine Information Disclosure Vulnerability ( CVE-2015-6059 )

A vulnerability exists in Internet Explorer due to improper disclosure of the contents in the memory by JScript or VBScript. A remote attacker could exploit this vulnerability by convincing the target user to view a specially crafted webpage. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information from the memory.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin MS15-106

Vendor Information

Microsoft
https://technet.microsoft.com/library/security/MS15-106

References

Security Tracker
http://www.securitytracker.com/id/1033800

Microsoft
https://technet.microsoft.com/library/security/MS15-106

CVE Name
CVE-2015-6042
CVE-2015-6048
CVE-2015-6049
CVE-2015-6050
CVE-2015-2482
CVE-2015-6055
CVE-2015-6056

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Email: info@cert-in.org.in
Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India