CVE-2016-3245 — Improper Access Control in Microsoft Internet Explorer

CWE-284 — Improper Access Control4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
10.5%
top 6.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedJul 13
Latest updateMay 14

Description

Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability."

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

â–¶NVDmicrosoft/internet_explorer10, 11, 9+2

🔴Vulnerability Details

2
GHSA
GHSA-ghhg-gx8w-v7m2: Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web sit↗2022-05-14
â–¶
CVEList
CVE-2016-3245: Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web sit↗2016-07-13
â–¶

📋Vendor Advisories

1
Microsoft
Internet Explorer Security Feature Bypass Vulnerability↗2016-07-12
â–¶
CVE-2016-3245 — Improper Access Control in Microsoft | cvebase