CVE-2016-0162
Published: 2016-04-12
Priority P275 · medium · 4.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
KEV: CISA Known Exploited Vulnerability, due 2022-06-14
ITW: Exploited in the wild
EPSS: 22.09% (97.4th percentile)
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| msrc | internet_explorer_10_on_windows_server_2012 | — | — |
| msrc | internet_explorer_11_on_windows_10_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_for_x64-based_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | internet_explorer_11_on_windows_7_for_32-bit_systems_service_pack_1 | — | — |
| msrc | internet_explorer_11_on_windows_7_for_x64-based_systems_service_pack_1 | — | — |
| msrc | internet_explorer_11_on_windows_8.1_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_8.1_for_x64-based_systems | — | — |
| msrc | internet_explorer_11_on_windows_rt_8.1 | — | — |
| msrc | internet_explorer_11_on_windows_server_2008_r2_for_x64-based_systems_service_pac | — | — |
| msrc | internet_explorer_11_on_windows_server_2012_r2 | — | — |
| msrc | internet_explorer_9_on_windows_server_2008_for_32-bit_systems_service_pack_2 | — | — |
| msrc | internet_explorer_9_on_windows_server_2008_for_x64-based_systems_service_pack_2 | — | — |
| msrc | internet_explorer_9_on_windows_vista_service_pack_2 | — | — |
| msrc | internet_explorer_9_on_windows_vista_x64_edition_service_pack_2 | — | — |
Detection & IOCs
- Vulnerability is actively exploited in the wild (Exploited: Yes per MSRC); monitor for crafted JavaScript probing file existence via Internet Explorer 9–11.
- Attack vector is web-based: attacker hosts or compromises a website delivering specially crafted JavaScript to IE 9–11 users; look for drive-by or social-engineering lure traffic to suspicious domains targeting IE clients.
- The exploit leverages improper JavaScript handling in IE to detect specific files on the victim's filesystem; hunt for JS that enumerates local file paths (e.g., using error-based timing or exception side-channels on file:// or res:// URIs).
- Affected scope is Internet Explorer versions 9 through 11 only; other browsers are not affected by this CVE.
- The fix restricts what information is returned to Internet Explorer from JavaScript; patched systems should no longer leak file-existence data, reducing the value of this as a recon primitive.
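CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
| vulncheck | — | 4.3 | MEDIUM | — |
| cisa | — | 4.3 | MEDIUM | — |
| vendor_msrc | — | 4.3 | LOW | — |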
VulDB
Microsoft Internet Explorer 9/10/11 Javascript information disclosure (MS16-037 / Nessus ID 90431)
vuldb·2026-04-23·CVSS 4.3
CVE-2016-0162 [MEDIUM] Microsoft Internet Explorer 9/10/11 Javascript information disclosure (MS16-037 / Nessus ID 90431)
A vulnerability categorized as problematic has been discovered in Microsoft Internet Explorer 9/10/11. This affects an unknown function of the component Javascript Handler. Such manipulation leads to information disclosure.
This vulnerability is traded as CVE-2016-0162. The attack may be launched remotely. Furthermore, there is an exploit available.
It is advisable to implement a patch to correct this issue.
GHSA
GHSA-gq2g-gj23-9684: Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explor
ghsa_unreviewed·2022-05-14
CVE-2016-0162 [MEDIUM] CWE-200 GHSA-gq2g-gj23-9684: Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explor
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
VulnCheck
Microsoft Internet Explorer Information Disclosure Vulnerability
vulncheck·2016·CVSS 4.3
CVE-2016-0162 [MEDIUM] CWE-200 Microsoft Internet Explorer Information Disclosure Vulnerability
An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.
Affected: Microsoft Internet Explorer
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/; https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2016-Apr; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-06-14
CISA
Microsoft Internet Explorer Information Disclosure Vulnerability
cisa·2022-05-24·CVSS 4.3
CVE-2016-0162 [MEDIUM] CWE-200 Microsoft Internet Explorer Information Disclosure Vulnerability
Vulnerability: Microsoft Internet Explorer Information Disclosure Vulnerability
Affected: Microsoft Internet Explorer
An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-0162
Remediation Due Date: 2022-06-14
Microsoft
Internet Explorer Information Disclosure Vulnerability
vendor_msrc·2016-04-12·CVSS 4.3
CVE-2016-0162 [MEDIUM] Internet Explorer Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.
In a web-based attack scenario, an attacker could host a website used to attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-generated content could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes the
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://www.securityfocus.com/bid/85939
- http://www.securitytracker.com/id/1035521
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0162
- 2016-04-12: Published
- 2022-05-24: Added to CISA KEV
- Exploited in the wild