Executive Summary
Summary | |
---|---|
Title | Cumulative Security Update for Internet Explorer (3134220) |
Informations | |||
---|---|---|---|
Name | MS16-009 | First vendor Publication | 2016-02-09 |
Vendor | Microsoft | Last vendor Modification | 2016-02-19 |
Severity (Vendor) | N/A | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Severity Rating: Critical |
Original Source
Url : https://technet.microsoft.com/en-us/library/security/MS16-009 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-264 | Permissions, Privileges, and Access Controls |
8 % | CWE-200 | Information Exposure |
8 % | CWE-19 | Data Handling |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 4 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 2 | |
Os | 2 | |
Os | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-11-21 | Microsoft Office ociw32.dll dll-load exploit attempt RuleID : 44601 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office iasdatastore2.dll dll-load exploit attempt RuleID : 44600 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office oci.dll dll-load exploit attempt RuleID : 44599 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office request for ociw32.dll over SMB attempt RuleID : 44598 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office request for iasdatastore2.dll over SMB attempt RuleID : 44597 - Revision : 2 - Type : FILE-OFFICE |
2017-11-21 | Microsoft Office request for oci.dll over SMB attempt RuleID : 44596 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office hyperlink object out of bounds read attempt RuleID : 40941 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office hyperlink object out of bounds read attempt RuleID : 40940 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel hlink.dll string duplication input validation informat... RuleID : 37617 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel hlink.dll string duplication input validation informat... RuleID : 37616 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Internet Explorer CACPWrap object use-after-free attempt RuleID : 37613 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CACPWrap object use-after-free attempt RuleID : 37612 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CallInvoke type confusion attempt RuleID : 37611 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CallInvoke type confusion attempt RuleID : 37610 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CallInvoke type confusion attempt RuleID : 37609 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CallInvoke type confusion attempt RuleID : 37608 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer StrCmpNICW string object use after free attempt RuleID : 37605 - Revision : 4 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer StrCmpNICW string object use after free attempt RuleID : 37604 - Revision : 4 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer IFRAME object constructor cross site scripting at... RuleID : 37603 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer IFRAME object constructor cross site scripting at... RuleID : 37602 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CTextBlock use-after-free attempt RuleID : 37597 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CTextBlock use-after-free attempt RuleID : 37596 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Edge SysFreeString double free attempt RuleID : 37582 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Edge SysFreeString double free attempt RuleID : 37581 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37574 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37573 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37572 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDomPrototype type confusion attempt RuleID : 37571 - Revision : 3 - Type : BROWSER-IE |
2016-03-14 | Microsoft Office request for phoneinfo.dll over SMB attempt RuleID : 37558 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office request for msdaora.dll over SMB attempt RuleID : 37557 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office phoneinfo.dll dll-load exploit attempt RuleID : 37556 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office msdaora.dll dll-load exploit attempt RuleID : 37555 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Internet Explorer CDATA use-after-free attempt RuleID : 37554 - Revision : 2 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer CDATA use-after-free attempt RuleID : 37553 - Revision : 2 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-02-09 | Name : The remote host has a web browser installed that is affected by multiple vuln... File : smb_nt_ms16-009.nasl - Type : ACT_GATHER_INFO |
2016-02-09 | Name : The remote host has a web browser installed that is affected by multiple vuln... File : smb_nt_ms16-011.nasl - Type : ACT_GATHER_INFO |
2016-02-09 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms16-014.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-02-29 21:29:57 |
|
2016-02-22 13:30:56 |
|
2016-02-20 05:27:33 |
|
2016-02-20 05:16:21 |
|
2016-02-19 21:28:48 |
|
2016-02-19 05:30:10 |
|
2016-02-17 21:30:28 |
|
2016-02-16 21:29:34 |
|
2016-02-12 17:29:23 |
|
2016-02-12 00:27:57 |
|
2016-02-11 21:29:31 |
|
2016-02-11 08:49:12 |
|
2016-02-11 05:29:06 |
|
2016-02-11 00:29:24 |
|
2016-02-10 17:29:09 |
|
2016-02-10 13:23:49 |
|
2016-02-09 21:30:18 |
|
2016-02-09 21:16:40 |
|