CVE-2016-3202

The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*
OR cpe:2.3:a:microsoft:chakra_javascript:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:jscript:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:vbscript:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:49

Type Values Removed Values Added
References () http://www.securitytracker.com/id/1036096 - () http://www.securitytracker.com/id/1036096 -
References () http://www.securitytracker.com/id/1036099 - () http://www.securitytracker.com/id/1036099 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 -
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068 -

Information

Published : 2016-06-16 01:59

Updated : 2024-11-21 02:49


NVD link : CVE-2016-3202

Mitre link : CVE-2016-3202

CVE.ORG link : CVE-2016-3202


JSON object : View

Products Affected

microsoft

  • vbscript
  • edge
  • chakra_javascript
  • jscript
  • internet_explorer
CWE
CWE-20

Improper Input Validation

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer