Accessibility Options |  Sitemap |  Contact Us
   
 
 
 
HOME space ABOUTCERTIn space KNOWLEDGEBASE space TRAINING space ADVISORIES space VULNOTES space space Facebook space x space insta space youtube space Linkedin
WLine
DigitalIndia
WLine
csk
WLine
Full Member FIRST
Line
Operational Member TFCSIRT
Line
Accredited Member APCERT
Line
Global Research Partner APWG
Line
Associate Partner Charter
Line
CNA
WLine
 Directions by CERT-In under  Section 70B, Information  Technology Act 2000
WLine
 Guidelines on Information  Security Practices for  Government Entities
WLine
 Technical Guidelines on NEW  SOFTWARE BILL OF MATERIALS  (SBOM)
WLine
 Cyber Security GuidelinesNEW  for Smart City Infrastructure
About CERT-in
Line
point point Client's /Citizen's Charter
Line
point point Roles & Functions
Line
point point Advisory Committee
Line
point point Act/Rules/Regulations
Line
point point Internal Complaint Committee         (ICC) 
Line
point point RFC2350 
line
point point Press  
Line
point point Tender 
Line
point point Subscribe Mailing List
Line
point point Contact Us
Line
Line
Reporting
point
 Incident Reporting
point
Line
point
 Vulnerability Reporting
point
Line
point
 Feedback
point
Line
KnowledgeBase
Line
point Point Guidelines
Line
point Point Presentations
Line
point Point White Papers 
Line
point Point Annual Report 
Line
Line
Line
line
Line
line
line
Advisories
Line
VulnerabilityNotes
Line
RelatedLinks
Line
point Point World CERTs
Line
point point Antivirus Resources
line
point point FAQ
line
line
Line
Line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
line
spacer
Home - Vulnerability NotesPrint
point
CERT-In Vulnerability Note CIVN-2015-0297
Multiple vulnerabilities in Microsoft Edge

Original Issue Date:December 09, 2015

Severity Rating: HIGH

Software Affected

  • Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Windows 10 Version 1511 for 32-bit Systems
  • Microsoft Windows 10 Version 1511 for x64-based Systems

Overview

Multiple  vulnerabilities have been reported in Microsoft Edge which could be exploited by a remote attacker to bypass security restrictions and execute arbitrary code on the targeted system.

Description

1. Multiple Memory Corruption Vulnerabilities ( CVE-2015-6140   CVE-2015-6142   CVE-2015-6148   CVE-2015-6151   CVE-2015-6153   CVE-2015-6154   CVE-2015-6155   CVE-2015-6158   CVE-2015-6159   CVE-2015-6168   )

Multiple memory corruption vulnerabilities exist in Microsoft edge due to improper handling of objects in the memory by the affected software. A remote attacker could exploit these vulnerabilities by convincing a user to visit a specially crafted website to trigger memory corruption .Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code with the privileges of the user .

2. Elevation of Privilege Vulnerability ( CVE-2015-6139   )

An elevation of privilege vulnerability exists in Microsoft Edge due to improper enforcement of content types by the affected software. A remote attacker could exploit this vulnerability by enticing a user to view a malicious website to run scripting code with elevated privileges on the target system.

3. ASLR Security Bypass Vulnerability ( CVE-2015-6161   )

This vulnerability exist in Microsoft edge due to non-usage of the Address Space Layout Randomization (ASLR) security feature which could allow an attacker to more reliably predict memory offsets of instructions in call  stacks.  A remote attacker could exploit this vulnerability by convincing a user to visit a specially crafted website to bypass ASLR security feature leading to execution of arbitrary code on the target system.

4. Microsoft Edge Spoofing vulnerability ( CVE-2015-6169   )

A spoofing vulnerability exists in Microsoft edge due to improper parsing of HTTP responses. A remote attacker could exploit this vulnerability by convincing a user to visit a specially crafted website designed to spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services.

5. Elevation of Privilege Vulnerability ( CVE-2015-6170   )

This vulnerability exists in Microsoft Edge due to improper validation of permissions by the affected software. A remote attacker could exploit this vulnerability by persuading a user to view a malicious website. Successful exploitation of this vulnerability could allow a remote attacker  to gain elevated privileges on the targeted system.

6. XSS Filter Bypass Vulnerability ( CVE-2015-6176   )

A cross site vulnerability exist in Microsoft edge due to improper handling of HTML attribute  in HTTP response data. A remote attacker could exploit this vulnerability by enticing the user to visit a specially crafted website designed to cause the XSS filter in Edge to disable HTML attributes.
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary scripting code on the target users browser, leading to information disclosure.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin  MS15-125

Vendor Information

Microsoft
https://technet.microsoft.com/en-us/library/security/ms15-125

References

Microsoft
https://technet.microsoft.com/en-us/library/security/ms15-125

Cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=42362
http://tools.cisco.com/security/center/viewAlert.x?alertId=42364
http://tools.cisco.com/security/center/viewAlert.x?alertId=42370
http://tools.cisco.com/security/center/viewAlert.x?alertId=42373
http://tools.cisco.com/security/center/viewAlert.x?alertId=42375
http://tools.cisco.com/security/center/viewAlert.x?alertId=42377
http://tools.cisco.com/security/center/viewAlert.x?alertId=42376
http://tools.cisco.com/security/center/viewAlert.x?alertId=42380
http://tools.cisco.com/security/center/viewAlert.x?alertId=42381
http://tools.cisco.com/security/center/viewAlert.x?alertId=42388
http://tools.cisco.com/security/center/viewAlert.x?alertId=42361
http://tools.cisco.com/security/center/viewAlert.x?alertId=42383
http://tools.cisco.com/security/center/viewAlert.x?alertId=42389
http://tools.cisco.com/security/center/viewAlert.x?alertId=42390
http://tools.cisco.com/security/center/viewAlert.x?alertId=42391

Security tracker
http://www.securitytracker.com/id/1034316

CVE Name
CVE-2015-6139
CVE-2015-6140
CVE-2015-6142
CVE-2015-6148
CVE-2015-6151
CVE-2015-6153
CVE-2015-6154
CVE-2015-6155
CVE-2015-6158
CVE-2015-6159
CVE-2015-6161
CVE-2015-6168
CVE-2015-6169
CVE-2015-6170
CVE-2015-6176

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Email: info@cert-in.org.in
Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India

 
Indian Computer Emergency Response Team - CERT-In, Ministry of Electronics and Information Technology, Government of India.
Website Policies |  Terms of Use |  Help Last Updated On May 01, 2025