JSON View XML View

Key Value
MTID M115496
Title (MS16-129) Microsoft Edge Scripting Engine Memory Corruption Remote Code Execution VIII (3199057)
Description A vulnerability in some versions of Microsoft Edge could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Edge could lead to remote code execution.

The flaw lies in the Scripting Engine component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-129

Superseded patch information:

Bulletin is completely superseded by patches provided in: MS17-001

https://technet.microsoft.com/library/security/MS17-001

Vendor Microsoft
Attack Vector Website or e-mail with malicious content
Importance 9
Impact 10.00084536000
Threat Score 7.61
Labels
Patch Tuesday
References
CVECVE-2016-7243
MSFTBulletinMS16-129
MSFTQNumber3199057
DISA IAVA2016-A-0313
MTIDM115496
CPEs
cpe:/o:microsoft:windows_10
cpe:/o:microsoft:windows_10:::x64
cpe:/o:microsoft:windows:10_version_1511:10_version_1511
cpe:/o:microsoft:windows:10_version_1511_x64:10_version_1511_x64
cpe:/a:microsoft:windows:10_version_1607
cpe:/a:microsoft:windows:10_version_1607::x64
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:51 UTC

Back