Main Vulnerability Database Vulnerabilities #VU279

Information Disclosure in Microsoft Internet Explorer - CVE-2016-3321

Published: August 10, 2016 / Updated: September 14, 2018

Vulnerability identifier: #VU279

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear

CVE-ID: CVE-2016-3321

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: Public exploit is available

Vendor: Microsoft

Affected software:
Microsoft Internet Explorer

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists when Internet Explorer incorrectly handles web page content. A remote attacker can create a specially crafted web page, trick a victim to open that page in browser and determine presence of specific files on victim’s computer.

Successful exploitation of this vulnerability my allow an attacker to obtain potentially sensitive information.

How to mitigate CVE-2016-3321

Sources

https://technet.microsoft.com/en-us/library/security/ms16-095.aspx

Information Disclosure in Microsoft Internet Explorer - CVE-2016-3321

Detailed vulnerability description

How to mitigate CVE-2016-3321

Sources

Please verify you're human