Lucene search

Kaspersky LabKLA10829

HistoryJun 14, 2016 - 12:00 a.m.

KLA10829 Multiple vulnerabilities in Microsoft Edge and Internet Explorer

2016-06-1400:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.939

Percentile

99.2%

JSON

Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to bypass security restrictions, perform privilege escalation, execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities

An improper validation at Content Security Policy can be exploited remotely via a specially designed content to bypass security restrictions;
An improper memory objects handling at Chakra JavaScript engine can be exploited remotely via a specially designed content to execute arbitrary code;
An improper PDF parsing can be exploited remotely via a specially designed pdf document to obtain sensitive information or execute arbitrary code;
A vulnerability in Web Proxy Auto Discovery (WPAD) protocol can be exploited remotely to bypass security restrictions and perform privilege escalation;
A vulnerability in XSS Filter can be exploited remotely to perform a universal cross-site scripting attack;
Internet Explorer Memory Corruption Vulnerability can be exploited remotely via a specially designed content to execute arbitrary code and perform privilege escalation;
Scripting Engine Memory Corruption Vulnerability can be exploited remotely via a specially designed content to execute arbitrary code and perform privilege escalation;

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Edge

CVE list

CVE-2016-3207 critical

CVE-2016-3206 critical

CVE-2016-3205 critical

CVE-2016-3215 warning

CVE-2016-3214 critical

CVE-2016-3213 critical

CVE-2016-3212 warning

CVE-2016-3211 critical

CVE-2016-3210 critical

CVE-2016-3203 critical

CVE-2016-3202 critical

CVE-2016-3201 warning

CVE-2016-3199 critical

CVE-2016-3198 warning

CVE-2016-0199 critical

CVE-2016-0200 critical

CVE-2016-3222 critical

KB list

3163017

3163018

3160005

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

XSS/CSS

Cross site scripting. Exploitation of vulnerabilities with this impact can lead to partial interception of information transmitted between user and site.