CVE-2016-3276Improper Access Control in Microsoft Internet Explorer

CWE-284Improper Access Control5 documents5 sources
Severity
3.1LOWNVD
OSV7.8
EPSS
7.2%
top 8.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Shadow Project ShadowMicrosoft Internet Explorer
Timeline
PublishedJul 13
Latest updateMay 14

Description

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages2 packages

Ubuntushadow_project/shadow< 1:4.1.5.1-1ubuntu9.5+1

🔴Vulnerability Details

3
GHSA
GHSA-cq9j-7r3r-xrff: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser2022-05-14
OSV
shadow regression2017-05-17
CVEList
CVE-2016-3276: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser2016-07-13

📋Vendor Advisories

1
Microsoft
Microsoft Browser Spoofing Vulnerability2016-07-12
CVE-2016-3276 — Improper Access Control in Microsoft | cvebase