Lucene search

K
kasperskyKaspersky LabKLA10806
HistoryMay 10, 2016 - 12:00 a.m.

KLA10806 Multiple vulnerabilities in Microsoft Internet Explorer and Edge

2016-05-1000:00:00
Kaspersky Lab
threats.kaspersky.com
351

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

Detect date:

05/10/2016

Severity:

High

Description:

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions or obtain sensitive information.

Affected products:

Microsoft Internet Explorer versions 9 through 11
Microsoft Edge

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2016-0189
CVE-2016-0187
CVE-2016-0194
CVE-2016-0193
CVE-2016-0192
CVE-2016-0191
CVE-2016-0188
CVE-2016-0186

Impacts:

ACE

Related products:

Microsoft Internet Explorer

CVE-IDS:

CVE-2016-01897.6Critical
CVE-2016-01877.6Critical
CVE-2016-01942.6Warning
CVE-2016-01937.6Critical
CVE-2016-01927.6Critical
CVE-2016-01917.6Critical
CVE-2016-01889.3Critical
CVE-2016-01867.6Critical

Microsoft official advisories:

KB list:

3156421
3156387
3154070

Exploitation:

Public exploits exist for this vulnerability.

References

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%