13 Sep 2016
CVE-2016-3370 Vulnerability
Publié par . Publié dans Gain information
The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3374. (CVSS:0.0) (Last Update:2016-09-14)
Vulnerability Details : The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3374. Publish Date : 2016-09-14 Last Update Date : 2016-09-14 - CVSS Scores & Vulnerability Types CVSS Score | 0.0 | Confidentiality Impact | ??? | Integrity Impact | ??? | Availability Impact | ??? | Access Complexity | ??? | Authentication | ??? | Gained Access | None | Vulnerability Type(s) | Obtain Information | CWE ID | CWE id is not defined for this vulnerability | | | - Products Affected By CVE-2016-3370 # | Product Type | Vendor | Product | Version | Update | Edition | Language | | No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days. | - References For CVE-2016-3370 http://technet.microsoft.com/en-us/security/bulletin/ms16-105 Microsoft Security Bulletin MS16-105 Cumulative Security Update for Microsoft Edge This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
Vulnerabilities addressed in this bulletin:
- Microsoft Browser Memory Corruption Vulnerability
- Microsoft Browser Information Disclosure Vulnerability
- Microsoft Edge Memory Corruption Vulnerability
- Microsoft Browser Memory Corruption Vulnerability
- Microsoft Browser Memory Corruption Vulnerability
- Microsoft Browser Information Disclosure Vulnerability
- Microsoft Edge Memory Corruption Vulnerability
- Scripting Engine Memory Corruption Vulnerability
- Microsoft BrowsRelease Date:2016-09-13
| http://technet.microsoft.com/en-us/security/bulletin/ms16-115 Microsoft Security Bulletin MS16-115 Security Update for Microsoft Windows PDF Library This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow information disclosure if a user views specially crafted PDF content online or opens a specially crafted PDF document. Vulnerabilities addressed in this bulletin:
- PDF Library Information Disclosure Vulnerability
- PDF Library Information Disclosure Vulnerability
Release Date:2016-09-13 | | |
- Metasploit Modules Related To CVE-2016-3370There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)
| |