FortiClient VulnerabilityMicrosoft Browser CVE-2016-3273 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when the Microsoft Browser XSS Filter does not properly validate content under specific conditions. An attacker who exploited the vulnerability could run arbitrary JavaScript that could lead to an information disclosure. In a web-based attack scenario, an attacker could host a website in an attempt to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes the user to the attacker's site. The security update addresses the vulnerability by correcting how the Microsoft Browser XSS Filter validates content.
Affected Applications
Internet Explorer 9
Microsoft Edge
Internet Explorer 11
Internet Explorer 10
CVE References
CVE-2016-3273Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3273| ID | 51586 |
| Created | Sep 25, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Internet Explorer 9 , Microsoft Edge , Internet Explorer 11 , Internet Explorer 10 |