Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2016-3274 | First vendor Publication | 2016-07-12 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N | |||
|---|---|---|---|
| Overall CVSS Score | 3.1 | ||
| Base Score | 3.1 | Environmental Score | 3.1 |
| impact SubScore | 1.4 | Temporal Score | 3.1 |
| Exploitabality Sub Score | 1.6 | ||
| Attack Vector | Network | Attack Complexity | High |
| Privileges Required | None | User Interaction | Required |
| Scope | Unchanged | Confidentiality Impact | None |
| Integrity Impact | Low | Availability Impact | None |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.6 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3274 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-284 | Access Control (Authorization) Issues |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 3 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-08-13 | Microsoft Edge clientInformation.geolocation.getCurrentPosition use-after-fre... RuleID : 39531 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-13 | Microsoft Edge clientInformation.geolocation.getCurrentPosition use-after-fre... RuleID : 39530 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer textTransform out-of-bounds memory access attempt RuleID : 39515 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer textTransform out-of-bounds memory access attempt RuleID : 39514 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer IE7 compatibility mode attempt RuleID : 39513 - Revision : 3 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer IE7 compatibility mode attempt RuleID : 39512 - Revision : 3 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge bypassing window.opener protection attempt RuleID : 39511 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge bypassing window.opener protection attempt RuleID : 39510 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge ArrayBuffer.transfer information disclosure attempt RuleID : 39507 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge ArrayBuffer.transfer information disclosure attempt RuleID : 39506 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer Edge text node table-cell use after free attempt RuleID : 39505 - Revision : 3 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer mshtml.dll invalid resize use after free attempt RuleID : 39500 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer mshtml.dll invalid resize use after free attempt RuleID : 39499 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer header tag HTML injection remote code execution a... RuleID : 39498 - Revision : 5 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer header tag HTML injection remote code execution a... RuleID : 39497 - Revision : 4 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge edgehtml negative length out of bound memory copy attempt RuleID : 39494 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge edgehtml negative length out of bound memory copy attempt RuleID : 39493 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer Dxtrans table element use after free attempt RuleID : 39492 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Internet Explorer Dxtrans table element use after free attempt RuleID : 39491 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge chakra.dll invalid pointer access attempt RuleID : 39487 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge chakra.dll invalid pointer access attempt RuleID : 39486 - Revision : 2 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge DWrite.dll out of bounds read attempt RuleID : 39485 - Revision : 3 - Type : BROWSER-IE |
| 2016-08-09 | Microsoft Edge DWrite.dll out of bounds read attempt RuleID : 39484 - Revision : 3 - Type : BROWSER-IE |
| 2016-04-07 | Microsoft Internet Explorer addRow out-of-bounds read attempt RuleID : 38113 - Revision : 3 - Type : BROWSER-IE |
| 2016-04-07 | Microsoft Internet Explorer addRow out-of-bounds read attempt RuleID : 38112 - Revision : 3 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-07-12 | Name : The remote host has a web browser installed that is affected by multiple vuln... File : smb_nt_ms16-084.nasl - Type : ACT_GATHER_INFO |
| 2016-07-12 | Name : The remote host has a web browser installed that is affected by multiple vuln... File : smb_nt_ms16-085.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 12:55:23 |
|
| 2021-05-04 12:48:46 |
|
| 2021-04-22 01:59:41 |
|
| 2020-05-23 00:50:38 |
|
| 2018-10-13 05:19:02 |
|
| 2017-09-01 09:24:46 |
|
| 2016-11-29 00:26:07 |
|
| 2016-07-14 00:23:59 |
|
| 2016-07-13 13:25:48 |
|
| 2016-07-13 09:24:03 |
|
