Unrated severityNVD Advisory· Published Oct 14, 2015· Updated May 6, 2026

CVE-2015-6059

Description

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."

Affected products

Microsoft/Jscript3 versions
cpe:2.3:a:microsoft:jscript:5.6:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:jscript:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:jscript:5.7:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:jscript:5.8:*:*:*:*:*:*:*
Microsoft/Vbscript3 versions
cpe:2.3:a:microsoft:vbscript:5.6:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:vbscript:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:vbscript:5.7:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:vbscript:5.8:*:*:*:*:*:*:*
Microsoft/Internet Explorer4 versions
cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.018
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000