JSON View XML View

Key Value
MTID M113556
Title (MS16-095) Microsoft Internet Explorer Local File URI Information Disclosure (3177356)
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to information disclosure.

The flaw lies in the Local File component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information.The exploit requires the attacker to have valid credentials to the vulnerable system.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-095

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-142
- Cumulative Update for Windows 10 (KB3198585): KB3198585
- Cumulative Update for Windows 10 Version 1511 (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1607 (KB3200970): KB3200970
- Microsoft Internet Explorer 8 for WES09 and POSReady 2009: KB3197655
- Microsoft Internet Explorer 9 for Windows Server 2008: KB3197655
- Microsoft Internet Explorer 9 for Windows Server 2008 x64 Edition: KB3197655
- Microsoft Internet Explorer 9 for Windows Vista: KB3197655
- Microsoft Internet Explorer 9 for Windows Vista for x64-based Systems: KB3197655
- November, 2016 Security Monthly Quality Rollup for Windows 7 (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows 7 for x64-based Systems ( (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows 8.1 (KB3197874): KB3197874
- November, 2016 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB3197874): KB3197874
- November, 2016 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB3197868): KB3197868
- November, 2016 Security Monthly Quality Rollup for Windows Server 2012 (KB3197877): KB3197877
- November, 2016 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB3197874): KB3197874

The patches for the following products are superseded by patches provided in: MS16-125
- Cumulative Update for Windows 10 for x64-based Systems (KB3192440): KB3192440
- Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194798): KB3194798
- Cumulative Update for Windows Server 2016 for x64-based Systems (KB3194798): KB3194798

The patches for the following products are superseded by patches provided in: MS16-118
- Cumulative Update for Windows Server 2016 Technical Preview 5 for x64-based Systems (KB3195038): KB3195038

https://technet.microsoft.com/library/security/MS16-142
https://technet.microsoft.com/library/security/MS16-125
https://technet.microsoft.com/library/security/MS16-118

Vendor Microsoft
Attack Vector Malicious remote network traffic
Importance 5
Impact 2.8627500
Threat Score 1.85
Labels
Patch Tuesday
References
CVECVE-2016-3321
MSFTBulletinMS16-095
MSFTQNumber3177356
DISA IAVA2016-A-0201
MTIDM113556
CPEs
cpe:/a:microsoft:ie:11
Created At 2016-08-09 00:00:00 UTC
Updated At 2016-11-19 10:30:51 UTC

Back