FortiClient VulnerabilityMicrosoft Microsft Browser CVE-2016-7282 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when Microsoft browsers do not properly validate content under specific conditions. An attacker who exploited the vulnerability could run arbitrary code that could lead to an information disclosure. In a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. However, in all cases, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes them to the attacker's site. The security update addresses the vulnerability by correcting how Microsoft browsers validate content.
Affected Applications
Internet Explorer 9
Microsoft Edge
Internet Explorer 11
Internet Explorer 10
Microsoft Windows Hyperlink Object Library on Windows Vista x64 Edition Service Pack 2
Windows Server 2008
Microsoft Windows Hyperlink Object Library on Windows Vista Service Pack 2
CVE References
CVE-2016-7282Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7282| ID | 51690 |
| Created | Sep 25, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Internet Explorer 9 , Microsoft Edge , Internet Explorer 11 , Internet Explorer 10 , Microsoft Windows Hyperlink Object Library on Windows Vista x64 Edition Service Pack 2 , Windows Server 2008 , Microsoft Windows Hyperlink Object Library on Windows Vista Service Pack 2 |