← back
CVE-2016-3351

CVE-2016-3351

CVSS 6.5 MEDIUMEPSS 26.3%● KEV
In short

Internet Explorer and Microsoft Edge browsers leak sensitive information when visiting a malicious website. This could expose private data like browsing history or user information to attackers.

Technical detail

A remote attacker can craft a malicious web page that exploits an information disclosure vulnerability in IE 9-11 and Edge, allowing extraction of sensitive browser data or system information without user interaction beyond visiting the site.

Summary generated and translated by AI from the official description.
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105https://www.brokenbrowser.com/detecting-apps-mimetype-malware/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3351http://www.securityfocus.com/bid/92788http://www.securitytracker.com/id/1036788http://www.securitytracker.com/id/1036789