Lucene search
WanderingGlitch of the Zero Day InitiativeZDI-16-413HistoryJul 12, 2016 - 12:00 a.m.
Microsoft Chakra ArrayBuffer.transfer Uninitialized Buffer Information Leak Vulnerability
2016-07-1200:00:00
WanderingGlitch of the Zero Day Initiative
www.zerodayinitiative.com
27
EPSS
0.289
Percentile
96.9%
This vulnerability allows remote attackers to leak sensitive information on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ArrayBuffer.transfer. The issue lies in the failure to properly initialize a buffer prior to returning it to the user. An attacker can leverage this vulnerability to leak sensitive information within the context of the current process.
Related
cvelist
cvelist
CVE-2016-3271
2016-07-13 01:00:00
cve
cve
CVE-2016-3271
2016-07-13 01:59:26
symantec
symantec
prion
prion
Information disclosure
2016-07-13 01:59:00
mscve
mscve
Windows Scripting Engine Memory Corruption Vulnerability
2016-07-12 07:00:00
nvd
nvd
CVE-2016-3271
2016-07-13 01:59:26
checkpoint_advisories
checkpoint_advisories
Microsoft Scripting Engine Information Disclosure (MS16-085: CVE-2016-3271)
2016-07-12 00:00:00
mskb
mskb
nessus
nessus
MS16-085: Cumulative Security Update for Microsoft Edge (3169999)
2016-07-12 00:00:00
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (3169999)
2016-07-13 00:00:00
kaspersky
kaspersky
KLA10844 Multiple vulnerabilities in Microsoft Edge and Internet Explorer
2016-07-12 00:00:00