CVE-2016-3292

EPSS 6.43%
Published 14.09.2016 10:59:06
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version10

Microsoft ≫ Internet Explorer Version11 Update-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.43%	0.907

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	1.6	3.4	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securitytracker.com/id/1036788

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104

http://www.securityfocus.com/bid/92808

https://nvd.nist.gov/vuln/detail/CVE-2016-3292

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3292

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3292

EUVD