Lucene search

[email protected]CVE-2016-3242

HistoryJul 13, 2016 - 1:59 a.m.

CVE-2016-3242

2016-07-1301:59:05

CWE-119

[email protected]

web.nvd.nist.gov

cve-2016-3242

microsoft

internet explorer

remote code execution

memory corruption

web security

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.195

Percentile

96.3%

JSON

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2016-3240 and CVE-2016-3241.

Affected configurations

NVD

Node

microsoftinternet_explorerMatch9

microsoftinternet_explorerMatch10

microsoftinternet_explorerMatch11

VendorProductVersionCPE
microsoftinternet_explorer9cpe:/a:microsoft:internet_explorer:9:::
microsoftinternet_explorer11cpe:/a:microsoft:internet_explorer:11:::
microsoftinternet_explorer10cpe:/a:microsoft:internet_explorer:10:::

Vendor	Product	Version	CPE
microsoft	internet_explorer	9	cpe:/a:microsoft:internet_explorer:9:::
microsoft	internet_explorer	11	cpe:/a:microsoft:internet_explorer:11:::
microsoft	internet_explorer	10	cpe:/a:microsoft:internet_explorer:10:::