Think you have a false positive on this rule?

Sid 1-49686

Message

BROWSER-IE Microsoft Internet Explorer Typed Array use after free attempt

Summary

The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297.

Impact

Attempted User Privilege Gain

CVE-2016-7288:

CVSS base score 7.5

CVSS impact score 5.9

CVSS exploitability score 1.6

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

CVE-2016-7288: The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7296, and CVE-2016-7297.

Affected systems

  • microsoft edge -

Ease of attack

CVE-2016-7288:

Access Vector

Access Complexity

Authentication

False positives

False negatives

Corrective action

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • technet.microsoft.com/en-us/security/bulletin/MS16-145