SB2016051003 - Multiple vulnerabilities in Microsoft Internet Explorer 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016051003

SB2016051003 - Multiple vulnerabilities in Microsoft Internet Explorer

Published: May 10, 2016 Updated: February 15, 2017

Security Bulletin ID SB2016051003
Severity
Critical
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 20% High 60% Low 20%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2016-0194)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to improper handling of files. A remote attacker can create a specially crafted content, trick the victim into opening it, view the contents of arbitrary files on the system and use this information to launch further attacks.

Successful exploitation of the vulnerability results in information disclosure on the vulnerable system.

2) Memory corruption (CVE-ID: CVE-2016-0192)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when handling malicious files. A remote attacker can create a specially crafted content, trick the victim into opening it, trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

3) Memory corruption (CVE-ID: CVE-2016-0189)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Scripting Engine when handling malicious files. A remote attacker can create a specially crafted content, trick the victim into opening it, trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Note: the vulnerability was being actively exploited.

4) Security bypass (CVE-ID: CVE-2016-0188)

The vulnerabiity allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper validation of code integrity by the User Mode Code Integrity (UMCI) component of Device Guard. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, bypass code-signing protection mechanism and execute a malicious code.

Successful exploitation of this vulnerability may result in arbitrary code execution on the vulnerable system.

5) Memory corruption (CVE-ID: CVE-2016-0187)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Scripting Engine when handling malicious files. A remote attacker can create a specially crafted content, trick the victim into opening it, trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Remediation

Install update from vendor's website.

References