Executive Summary

Informations
NameCVE-2016-0077First vendor Publication2016-02-10
VendorCveLast vendor Modification2018-10-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0077

CWE : Common Weakness Enumeration

%idName
100 %CWE-19Data Handling

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application3

Snort® IPS/IDS

DateDescription
2017-01-10Microsoft Office hyperlink object out of bounds read attempt
RuleID : 40941 - Revision : 3 - Type : FILE-OFFICE
2017-01-10Microsoft Office hyperlink object out of bounds read attempt
RuleID : 40940 - Revision : 3 - Type : FILE-OFFICE
2016-03-14Microsoft Office Excel hlink.dll string duplication input validation informat...
RuleID : 37617 - Revision : 3 - Type : FILE-OFFICE
2016-03-14Microsoft Office Excel hlink.dll string duplication input validation informat...
RuleID : 37616 - Revision : 3 - Type : FILE-OFFICE
2016-03-14Microsoft Internet Explorer CFGBitmap heap code execution attempt
RuleID : 37615 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CFGBitmap heap code execution attempt
RuleID : 37614 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CACPWrap object use-after-free attempt
RuleID : 37613 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CACPWrap object use-after-free attempt
RuleID : 37612 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CallInvoke type confusion attempt
RuleID : 37611 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CallInvoke type confusion attempt
RuleID : 37610 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CallInvoke type confusion attempt
RuleID : 37609 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CallInvoke type confusion attempt
RuleID : 37608 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer StrCmpNICW string object use after free attempt
RuleID : 37605 - Revision : 4 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer StrCmpNICW string object use after free attempt
RuleID : 37604 - Revision : 4 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer IFRAME object constructor cross site scripting at...
RuleID : 37603 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer IFRAME object constructor cross site scripting at...
RuleID : 37602 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CTextBlock use-after-free attempt
RuleID : 37597 - Revision : 3 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CTextBlock use-after-free attempt
RuleID : 37596 - Revision : 3 - Type : BROWSER-IE
2016-03-14Microsoft Edge SysFreeString double free attempt
RuleID : 37582 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Edge SysFreeString double free attempt
RuleID : 37581 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Edge CTextBlock out of bounds read attempt
RuleID : 37576 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Edge CTextBlock out of bounds read attempt
RuleID : 37575 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CDomPrototype type confusion attempt
RuleID : 37574 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CDomPrototype type confusion attempt
RuleID : 37573 - Revision : 3 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CDomPrototype type confusion attempt
RuleID : 37572 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CDomPrototype type confusion attempt
RuleID : 37571 - Revision : 3 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CDATA use-after-free attempt
RuleID : 37554 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CDATA use-after-free attempt
RuleID : 37553 - Revision : 2 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CAttrArray use after free attempt
RuleID : 36987 - Revision : 3 - Type : BROWSER-IE
2016-03-14Microsoft Internet Explorer CAttrArray use after free attempt
RuleID : 36986 - Revision : 3 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2016-02-09Name : The remote host has a web browser installed that is affected by multiple vuln...
File : smb_nt_ms16-009.nasl - Type : ACT_GATHER_INFO
2016-02-09Name : The remote host has a web browser installed that is affected by multiple vuln...
File : smb_nt_ms16-011.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
SECTRACK http://www.securitytracker.com/id/1034971
http://www.securitytracker.com/id/1034972

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2018-10-13 05:18:59
  • Multiple Updates
2017-09-10 09:23:49
  • Multiple Updates
2016-12-06 09:24:22
  • Multiple Updates
2016-02-11 00:25:20
  • Multiple Updates
2016-02-10 17:25:03
  • First insertion