FortiClient VulnerabilityMicrosoft Browser CVE-2016-3277 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes them to the attacker's site. The update addresses the vulnerability by changing how certain functions handle objects in memory.
Affected Applications
Microsoft Edge
Internet Explorer 11
Internet Explorer 10
CVE References
CVE-2016-3277Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3277| ID | 51589 |
| Created | Sep 25, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Microsoft Edge , Internet Explorer 11 , Internet Explorer 10 |