Sid 1-39833

Report a false positive

Rule Category

Alert Message

Rule Explanation

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322. Impact: CVSS base score 7.5 CVSS impact score 5.9 CVSS exploitability score 1.6 confidentialityImpact HIGH integrityImpact HIGH availabilityImpact HIGH Details: Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

CVE

CVE-2016-3289

Additional Links

technet.microsoft.com/en-us/security/bulletin/MS16-095
technet.microsoft.com/en-us/security/bulletin/MS16-096

CVE Additional Information

CVE-2016-3289
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.
Details
Severity Base Score7.5
Impact Score5.9 Exploit Score1.6
Confidentiality ImpactHIGH Integrity ImpactHIGH
Availability ImpactHIGH Access Vector
Authentication Ease of Access

Affected Systems