| Vulnerability Name: | CVE-2016-3260 (CCN-114561) | ||||||||||||
| Assigned: | 2016-07-12 | ||||||||||||
| Published: | 2016-07-12 | ||||||||||||
| Updated: | 2018-10-12 | ||||||||||||
| Summary: | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||||||||||||
| CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2016-3260 Source: CCN Type: Microsoft Security Bulletin MS16-084 Cumulative Security Update for Internet Explorer (3169991) Source: CCN Type: Microsoft Security Bulletin MS16-085 Cumulative Security Update for Microsoft Edge (3169999) Source: CCN Type: Microsoft Security Bulletin MS16-095 Cumulative Security Update for Internet Explorer (3177356) Source: CCN Type: Microsoft Security Bulletin MS16-096 Cumulative Security Update for Microsoft Edge (3177358) Source: CCN Type: Microsoft Security Bulletin MS16-104 Cumulative Security Update for Internet Explorer (3183038) Source: CCN Type: Microsoft Security Bulletin MS16-105 Cumulative Security Update for Microsoft Edge (3183043) Source: CCN Type: Microsoft Security Bulletin MS16-118 Cumulative Security Update for Internet Explorer (3192887) Source: CCN Type: Microsoft Security Bulletin MS16-119 Cumulative Security Update for Microsoft Edge (3192890) Source: CCN Type: Microsoft Security Bulletin MS16-120 Security Update for Microsoft Graphics Component (3192884) Source: CCN Type: Microsoft Security Bulletin MS16-122 Security Update for Microsoft Video Control (3195360) Source: CCN Type: Microsoft Security Bulletin MS16-123 Security Update for Kernel-Mode Drivers (3192892) Source: CCN Type: Microsoft Security Bulletin MS16-124 Security Update for Windows Registry (3193227) Source: CCN Type: Microsoft Security Bulletin MS16-129 Cumulative Security Update for Microsoft Edge (3199057) Source: CCN Type: Microsoft Security Bulletin MS16-131 Security Update for Microsoft Video Control (3199151) Source: CCN Type: Microsoft Security Bulletin MS16-139 Security Update for Windows Kernel (3199720) Source: CCN Type: Microsoft Security Bulletin MS16-142 Cumulative Security Update for Internet Explorer (3198467) Source: CCN Type: Microsoft Security Bulletin MS16-144 Cumulative Security Update for Internet Explorer (3204059) Source: CCN Type: Microsoft Security Bulletin MS16-145 Cumulative Security Update for Microsoft Edge (3204062) Source: CCN Type: Microsoft Security Bulletin MS16-155 Security Update for .NET Framework (3205640) Source: CCN Type: Microsoft Security Bulletin MS17-001 Cumulative Security Update for Microsoft Edge (3214288) Source: CCN Type: Microsoft Security Bulletin MS17-006 Cumulative Security Update for Internet Explorer (4013073) Source: CCN Type: Microsoft Security Bulletin MS17-007 Security Update for Microsoft Edge (4013071) Source: CCN Type: Microsoft Security Bulletin MS17-013 Security Update for Microsoft Graphics Component (4013075) Source: BID Type: UNKNOWN 91580 Source: CCN Type: BID-91580 Microsoft Internet Explorer and Edge CVE-2016-3260 Remote Memory Corruption Vulnerability Source: SECTRACK Type: UNKNOWN 1036283 Source: MS Type: UNKNOWN MS16-084 Source: MS Type: UNKNOWN MS16-085 Source: XF Type: UNKNOWN ms-browsers-cve20163260-code-exec(114561) | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||