Executive Summary

Informations
NameCVE-2016-0159First vendor Publication2016-04-12
VendorCveLast vendor Modification2018-10-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score7.6Attack RangeNetwork
Cvss Impact Score10Attack ComplexityHigh
Cvss Expoit Score4.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0159

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Snort® IPS/IDS

DateDescription
2016-05-17Microsoft Internet Explorer ConvertStringFromUnicodeEx out of bounds write at...
RuleID : 38508 - Revision : 5 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer ConvertStringFromUnicodeEx out of bounds write at...
RuleID : 38507 - Revision : 5 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38506 - Revision : 2 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38505 - Revision : 2 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38504 - Revision : 2 - Type : BROWSER-IE
2016-05-17Microsoft Internet Explorer CChildIterator media object use-after-free attempt
RuleID : 38503 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Windows CreatePopupMenu win32k.sys use after free attempt
RuleID : 38492 - Revision : 2 - Type : OS-WINDOWS
2016-05-12Microsoft Windows CreatePopupMenu win32k.sys use after free attempt
RuleID : 38491 - Revision : 2 - Type : OS-WINDOWS
2016-05-12Microsoft Windows api-ms-win-appmodel-runtime dll-load exploit attempt
RuleID : 38470 - Revision : 3 - Type : OS-WINDOWS
2016-05-12Microsoft Windows api-ms-win-appmodel-runtime dll-load exploit attempt
RuleID : 38469 - Revision : 3 - Type : OS-WINDOWS
2016-05-12Microsoft Internet Explorer 9 frameset use after free attempt
RuleID : 38468 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Internet Explorer 9 frameset use after free attempt
RuleID : 38467 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Internet Explorer InsertSanitizedTextEx use after free attempt
RuleID : 38466 - Revision : 2 - Type : BROWSER-IE
2016-05-12Microsoft Internet Explorer InsertSanitizedTextEx use after free attempt
RuleID : 38465 - Revision : 2 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2016-04-12Name : The remote host has a web browser installed that is affected by multiple vuln...
File : smb_nt_ms16-037.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
MISC http://www.zerodayinitiative.com/advisories/ZDI-16-231
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
SECTRACK http://www.securitytracker.com/id/1035521

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2018-10-13 05:19:00
  • Multiple Updates
2016-12-03 09:24:32
  • Multiple Updates
2016-04-14 21:27:07
  • Multiple Updates
2016-04-13 13:20:42
  • Multiple Updates
2016-04-13 05:25:26
  • First insertion