Описание
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
- An improper memory objects handling can be exploited remotely via a specially designed content to execute arbitrary code or obtain sensitive information;
- An improper page content handling can be exploited remotely via a specially designed content to obtain sensitive information;
- An improper memory objects handling at Chakra JavaScript engine can be exploited remotely via a specially designed content to execute arbitrary code.
Technical details
To mitigate vulnerability №1 remove Microsoft EDGE from the PDF reader default file type association
To exploit vulnerability №2 an attacker must have valid logon credentials and be able to log on locally
Первичный источник обнаружения
- CVE-2016-3322
CVE-2016-3321
CVE-2016-3319
CVE-2016-3296
CVE-2016-3293
CVE-2016-3290
CVE-2016-3289
CVE-2016-3288
CVE-2016-3329
CVE-2016-3327
CVE-2016-3326
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
Список CVE
- CVE-2016-3322 critical
- CVE-2016-3321 warning
- CVE-2016-3319 critical
- CVE-2016-3296 critical
- CVE-2016-3293 critical
- CVE-2016-3290 critical
- CVE-2016-3289 critical
- CVE-2016-3288 critical
- CVE-2016-3329 warning
- CVE-2016-3327 warning
- CVE-2016-3326 warning
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com