Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2016-7282First vendor Publication2016-12-20
VendorCveLast vendor Modification2018-10-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7282

CWE : Common Weakness Enumeration

%idName
100 %CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application3

Snort® IPS/IDS

DateDescription
2019-05-21Microsoft Edge SIMD memory corruption attempt
RuleID : 49869 - Revision : 1 - Type : BROWSER-IE
2019-05-21Microsoft Edge SIMD memory corruption attempt
RuleID : 49868 - Revision : 1 - Type : BROWSER-IE
2019-05-07Microsoft Internet Explorer Typed Array use after free attempt
RuleID : 49687 - Revision : 1 - Type : BROWSER-IE
2019-05-07Microsoft Internet Explorer Typed Array use after free attempt
RuleID : 49686 - Revision : 1 - Type : BROWSER-IE
2018-01-18Microsoft Internet Explorer out of bounds read attempt
RuleID : 45213 - Revision : 2 - Type : BROWSER-IE
2018-01-18Microsoft Internet Explorer out of bounds read attempt
RuleID : 45212 - Revision : 2 - Type : BROWSER-IE
2018-01-18Microsoft Internet Explorer out of bounds read attempt
RuleID : 45211 - Revision : 2 - Type : BROWSER-IE
2018-01-18Microsoft Internet Explorer out of bounds read attempt
RuleID : 45210 - Revision : 2 - Type : BROWSER-IE
2017-05-04Microsoft Internet Explorer Typed Array use after free attempt
RuleID : 42118 - Revision : 3 - Type : BROWSER-IE
2017-05-04Microsoft Internet Explorer Typed Array use after free attempt
RuleID : 42117 - Revision : 3 - Type : BROWSER-IE
2017-01-12Microsoft Internet Explorer information disclosure attempt
RuleID : 40993 - Revision : 3 - Type : BROWSER-IE
2017-01-12Microsoft Internet Explorer information disclosure attempt
RuleID : 40992 - Revision : 3 - Type : BROWSER-IE
2017-01-12Microsoft Internet Explorer out of bounds read attempt
RuleID : 40989 - Revision : 3 - Type : BROWSER-IE
2017-01-12Microsoft Internet Explorer out of bounds read attempt
RuleID : 40988 - Revision : 3 - Type : BROWSER-IE
2017-01-12Microsoft Internet Explorer title integer overflow attempt
RuleID : 40987 - Revision : 4 - Type : BROWSER-IE
2017-01-12Microsoft Internet Explorer title integer overflow attempt
RuleID : 40986 - Revision : 4 - Type : BROWSER-IE
2017-01-10Microsoft Edge iframe information disclosure attempt
RuleID : 40976 - Revision : 2 - Type : BROWSER-IE
2017-01-10Microsoft Edge iframe information disclosure attempt
RuleID : 40975 - Revision : 2 - Type : BROWSER-IE
2017-01-10Microsoft Edge spread operator memory corruption attempt
RuleID : 40974 - Revision : 2 - Type : BROWSER-IE
2017-01-10Microsoft Edge spread operator memory corruption attempt
RuleID : 40973 - Revision : 2 - Type : BROWSER-IE
2017-01-10Microsoft Edge spread operator memory corruption attempt
RuleID : 40972 - Revision : 2 - Type : BROWSER-IE
2017-01-10Microsoft Edge spread operator memory corruption attempt
RuleID : 40971 - Revision : 2 - Type : BROWSER-IE
2017-01-10Microsoft Edge Object.defineProperty type confusion attempt
RuleID : 40970 - Revision : 3 - Type : BROWSER-IE
2017-01-10Microsoft Edge Object.defineProperty type confusion attempt
RuleID : 40969 - Revision : 3 - Type : BROWSER-IE
2017-01-10Microsoft Edge SIMD memory corruption attempt
RuleID : 40950 - Revision : 3 - Type : BROWSER-IE
2017-01-10Microsoft Edge SIMD memory corruption attempt
RuleID : 40949 - Revision : 3 - Type : BROWSER-IE
2017-01-10Microsoft Edge CSS browser history disclosure attempt
RuleID : 40946 - Revision : 2 - Type : BROWSER-IE
2017-01-10Microsoft Office hyperlink object out of bounds read attempt
RuleID : 40941 - Revision : 3 - Type : FILE-OFFICE
2017-01-10Microsoft Office hyperlink object out of bounds read attempt
RuleID : 40940 - Revision : 3 - Type : FILE-OFFICE
2016-03-14Microsoft Edge cross site scripting filter bypass attempt
RuleID : 36452 - Revision : 5 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

DateDescription
2016-12-14Name : The remote host has a web browser installed that is affected by multiple vuln...
File : smb_nt_ms16-145.nasl - Type : ACT_GATHER_INFO
2016-12-13Name : The remote host has a web browser installed that is affected by multiple vuln...
File : smb_nt_ms16-144.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/94724
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16...
SECTRACK http://www.securitytracker.com/id/1037444

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2018-10-13 05:19:07
  • Multiple Updates
2016-12-27 17:28:07
  • Multiple Updates
2016-12-23 12:32:18
  • Multiple Updates
2016-12-22 09:24:09
  • Multiple Updates
2016-12-20 17:21:33
  • Multiple Updates
2016-12-20 12:03:56
  • First insertion