Executive Summary

Informations
NameCVE-2016-0154First vendor Publication2016-04-12
VendorCveLast vendor Modification2018-10-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score7.6Attack RangeNetwork
Cvss Impact Score10Attack ComplexityHigh
Cvss Expoit Score4.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0154

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application3

Snort® IPS/IDS

DateDescription
2017-11-14Microsoft Edge webnote exit event css arbitrary file read attempt
RuleID : 44549 - Revision : 2 - Type : BROWSER-IE
2017-11-14Microsoft Edge webnote exit event css arbitrary file read attempt
RuleID : 44548 - Revision : 2 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer ConvertStringFromUnicodeEx out of bounds write at...
RuleID : 38508 - Revision : 5 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer ConvertStringFromUnicodeEx out of bounds write at...
RuleID : 38507 - Revision : 5 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38506 - Revision : 2 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38505 - Revision : 2 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38504 - Revision : 2 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38503 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Windows CreatePopupMenu win32k.sys use after free attempt
RuleID : 38492 - Revision : 2 - Type : OS-WINDOWS
2016-05-12Microsoft Windows CreatePopupMenu win32k.sys use after free attempt
RuleID : 38491 - Revision : 2 - Type : OS-WINDOWS
2016-05-12Microsoft Edge TextDataSlice type confusion attempt
RuleID : 38486 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Edge TextDataSlice type confusion attempt
RuleID : 38485 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Edge CStyleSheet keyframes out of bounds read attempt
RuleID : 38484 - Revision : 3 - Type : BROWSER-IE
2016-05-12Microsoft Edge CStyleSheet keyframes out of bounds read attempt
RuleID : 38483 - Revision : 3 - Type : BROWSER-IE
2016-05-12Microsoft Edge remove range out of bounds read attempt
RuleID : 38480 - Revision : 3 - Type : BROWSER-IE
2016-05-12Microsoft Edge remove range out of bounds read attempt
RuleID : 38479 - Revision : 3 - Type : BROWSER-IE
2016-05-12Microsoft Edge webnote exit event css arbitrary file read attempt
RuleID : 38478 - Revision : 3 - Type : BROWSER-IE
2016-05-12Microsoft Edge webnote exit event css arbitrary file read attempt
RuleID : 38477 - Revision : 3 - Type : BROWSER-IE
2016-05-12Microsoft Edge iframe cross-site scripting attempt
RuleID : 38474 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Edge iframe cross-site scripting attempt
RuleID : 38473 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Windows api-ms-win-appmodel-runtime dll-load exploit attempt
RuleID : 38470 - Revision : 3 - Type : OS-WINDOWS
2016-05-12Microsoft Windows api-ms-win-appmodel-runtime dll-load exploit attempt
RuleID : 38469 - Revision : 3 - Type : OS-WINDOWS
2016-05-12Microsoft Internet Explorer 9 frameset use after free attempt
RuleID : 38468 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Internet Explorer 9 frameset use after free attempt
RuleID : 38467 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Internet Explorer InsertSanitizedTextEx use after free attempt
RuleID : 38466 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Internet Explorer InsertSanitizedTextEx use after free attempt
RuleID : 38465 - Revision : 2 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2016-04-12Name : The remote host has a web browser installed that is affected by multiple vuln...
File : smb_nt_ms16-037.nasl - Type : ACT_GATHER_INFO
2016-04-12Name : The remote host has a web browser installed that is affected by multiple vuln...
File : smb_nt_ms16-038.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
SECTRACK http://www.securitytracker.com/id/1035521
http://www.securitytracker.com/id/1035522

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2018-10-13 05:19:00
  • Multiple Updates
2016-12-03 09:24:32
  • Multiple Updates
2016-04-14 21:27:04
  • Multiple Updates
2016-04-13 13:20:42
  • Multiple Updates
2016-04-13 05:25:25
  • First insertion