Vulnerability Details CVE-2016-3260
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.202
EPSS Ranking 95.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/91580
- http://www.securitytracker.com/id/1036283
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085
- http://www.securityfocus.com/bid/91580
- http://www.securitytracker.com/id/1036283
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085
Products affected by CVE-2016-3260
-
cpe:2.3:a:microsoft:edge:-
-
cpe:2.3:a:microsoft:internet_explorer:11