Описание
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to gain privileges or execute arbitrary code.
Below is a complete list of vulnerabilities
- Improper memory objects handling at VBScript engine can be exploited remotely via a specially designed web content to execute arbitrary code;
- Lack of cross-domain policies enforcement can be exploited remotely via a specially designed web content to gain privileges;
- Improper memory objects handling can be exploited remotely via a specially designed web content to execute arbitrary code;
- Improper memory objects handling at Chakra JavaScript can be exploited remotely via a specially designed web content to execute arbitrary code.
Technical details
To mitigate vulnerability (1) you can restrict access to VBScript.dll
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2016-0002 critical
- CVE-2016-0024 critical
- CVE-2016-0005 warning
- CVE-2016-0003 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!