JSON View XML View

Key Value
MTID M114969
Title (MS16-118) Microsoft Internet Explorer Scripting Engine Memory Corruption Remote Code Execution (3192887)
Description A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Internet Explorer could lead to remote code execution.

The flaw occurs in the way that the Scripting Engine renders when handling objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-118

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-142
- Cumulative Update for Windows 10 (KB3198585): KB3198585
- Cumulative Update for Windows 10 Version 1511 (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3198586): KB3198586
- Cumulative Update for Windows 10 Version 1607 (KB3200970): KB3200970
- Microsoft Internet Explorer 8 for WES09 and POSReady 2009: KB3197655
- Microsoft Internet Explorer 9 for Windows Server 2008: KB3197655
- Microsoft Internet Explorer 9 for Windows Server 2008 x64 Edition: KB3197655
- Microsoft Internet Explorer 9 for Windows Vista: KB3197655
- Microsoft Internet Explorer 9 for Windows Vista for x64-based Systems: KB3197655

https://technet.microsoft.com/library/security/MS16-142

Vendor Microsoft
Attack Vector Website or e-mail with malicious content
Importance 7
Impact 10.00084536000
Threat Score 7.61
Labels
Patch Tuesday
References
CVECVE-2016-3390
MSFTBulletinMS16-118
MSFTQNumber3192887
DISA IAVA2016-A-0276
MTIDM114969
CPEs
cpe:/a:microsoft:ie:11
Created At 2016-10-11 00:00:00 UTC
Updated At 2016-11-19 10:31:22 UTC

Back