Test Kennung:	1.3.6.1.4.1.25623.1.0.809042
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Edge Multiple Vulnerabities (3183043)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft Bulletin MS16-105
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-105 Vulnerability Insight: Multiple flaws exist due to: - The Microsoft Edge improperly handles objects in memory. - The Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge. - The Microsoft Edge improperly handles cross-origin requests. - Certain functions improperly handles objects in memory. - The PDF Library and Microsoft Browser improperly handles objects in memory. Vulnerability Impact: Successful exploitation will allow remote attacker to execute arbitrary code in the context of the current user, to determine the origin of all of the web pages in the affected browser, and to obtain information to further compromise a target system. Affected Software/OS: - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 92828 BugTraq ID: 92834 BugTraq ID: 92789 BugTraq ID: 92830 BugTraq ID: 92829 BugTraq ID: 92832 BugTraq ID: 92807 BugTraq ID: 92793 Common Vulnerability Exposure (CVE) ID: CVE-2016-3247 http://www.securityfocus.com/bid/92828 Bugtraq: 20161118 CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details (Google Search) http://www.securityfocus.com/archive/1/539779/100/0/threaded https://www.exploit-db.com/exploits/40797/ http://seclists.org/fulldisclosure/2016/Nov/111 http://blog.skylined.nl/20161118002.html Microsoft Security Bulletin: MS16-104 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104 Microsoft Security Bulletin: MS16-105 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105 http://www.securitytracker.com/id/1036788 http://www.securitytracker.com/id/1036789 Common Vulnerability Exposure (CVE) ID: CVE-2016-3291 http://www.securityfocus.com/bid/92834 Common Vulnerability Exposure (CVE) ID: CVE-2016-3294 http://www.securityfocus.com/bid/92789 Common Vulnerability Exposure (CVE) ID: CVE-2016-3295 http://www.securityfocus.com/bid/92830 Common Vulnerability Exposure (CVE) ID: CVE-2016-3297 http://www.securityfocus.com/bid/92829 Common Vulnerability Exposure (CVE) ID: CVE-2016-3325 http://www.securityfocus.com/bid/92832 https://www.exploit-db.com/exploits/40747/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3330 http://www.securityfocus.com/bid/92807 Common Vulnerability Exposure (CVE) ID: CVE-2016-3350 http://www.securityfocus.com/bid/92793 Common Vulnerability Exposure (CVE) ID: CVE-2016-3351 BugTraq ID: 92788 http://www.securityfocus.com/bid/92788 https://www.brokenbrowser.com/detecting-apps-mimetype-malware/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3370 BugTraq ID: 92839 http://www.securityfocus.com/bid/92839 Microsoft Security Bulletin: MS16-115 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-115 Common Vulnerability Exposure (CVE) ID: CVE-2016-3374 BugTraq ID: 92838 http://www.securityfocus.com/bid/92838 http://blog.malerisch.net/2016/09/microsoft--out-of-bounds-read-pdf-library-cve-2016-3374.html http://srcincite.io/advisories/src-2016-39/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3377 BugTraq ID: 92797 http://www.securityfocus.com/bid/92797
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.