CVE-2015-2548

Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerability."

Published: Oct 14, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-2548
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_7	--sp1	--sp1.x
microsoft / windows_vista	--sp2	--sp2.x

http://www.securitytracker.com/id/1033799
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-109

Vulnerability Database

290,273

CVE-2015-2548