Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-91596
HistoryJul 12, 2016 - 12:00 a.m.

Microsoft Edge and Internet Explorer CVE-2016-3277 Information Disclosure Vulnerability

2016-07-1200:00:00
Symantec Security Response
www.symantec.com
18

0.663 Medium

EPSS

Percentile

97.9%

JSON

Description

Microsoft Edge and Internet Explorer are prone to a information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.

Technologies Affected

  • Microsoft Edge
  • Microsoft Internet Explorer 10
  • Microsoft Internet Explorer 11

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.

Run all software as a nonprivileged user with minimal access rights.
Running server processes within a restricted environment using facilities such as chroot or jail may limit the consequences of successful exploits

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Updates are available. Please see the references or vendor advisory for more information.

Related

checkpoint_advisories 1
cvelist 1
nvd 1
mscve 1
prion 1
cve 1
nessus 2
mskb 5
openvas 2
kaspersky 1
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Information Disclosure (MS16-084 : CVE-2016-3277)
2016-07-12 00:00:00
cvelist
cvelist
CVE-2016-3277
2016-07-13 01:00:00
nvd
nvd
CVE-2016-3277
2016-07-13 01:59:31
mscve
mscve
Microsoft Browser Information Disclosure Vulnerability
2016-07-12 07:00:00
prion
prion
Information disclosure
2016-07-13 01:59:00
cve
cve
CVE-2016-3277
2016-07-13 01:59:31
nessus
nessus
MS16-085: Cumulative Security Update for Microsoft Edge (3169999)
2016-07-12 00:00:00
MS16-084: Cumulative Security Update for Internet Explorer (3169991)
2016-07-12 00:00:00
mskb
mskb
MS16-085: Cumulative security update for Microsoft Edge: July 12, 2016
2016-07-12 00:00:00
MS16-084: Security update for Internet Explorer: July 12, 2016
2016-07-12 07:00:00
MS16-084: Cumulative security update for Internet Explorer: July 12, 2016
2016-07-12 00:00:00
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (3169999)
2016-07-13 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (3169991)
2016-07-13 00:00:00
kaspersky
kaspersky
KLA10844 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
2016-07-12 00:00:00

0.663 Medium

EPSS

Percentile

97.9%

JSON
Related for SMNTC-91596
checkpoint_advisories1cvelist1nvd1mscve1prion1cve1nessus2mskb5openvas2kaspersky1