CVE-2016-7241
published 2016-11-10CVE-2016-7241: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a…
PriorityP267high7.5CVSS 3.0
AVNACHPRNUIRSUCHIHAH
EXPLOIT
EPSS
71.49%
99.3th percentile
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| msrc | internet_explorer_11_on_windows_10_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_for_x64-based_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | internet_explorer_11_on_windows_8.1_for_32-bit_systems | — | — |
| msrc | internet_explorer_11_on_windows_8.1_for_x64-based_systems | — | — |
| msrc | internet_explorer_11_on_windows_rt_8.1 | — | — |
| msrc | internet_explorer_11_on_windows_server_2012_r2 | — | — |
| msrc | internet_explorer_11_on_windows_server_2016 | — | — |
| msrc | microsoft_edge_on_windows_10_for_32-bit_systems | — | — |
| msrc | microsoft_edge_on_windows_10_for_x64-based_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1511_for_32-bit_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | microsoft_edge_on_windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | microsoft_edge_on_windows_server_2016 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The exploit abuses the JSON.parse reviver callback (second argument) to trigger an info leak / memory corruption in Microsoft Edge. Monitor for JavaScript using JSON.parse with a reviver function that modifies array elements and reads back shifted numeric values (>> 1) to leak memory addresses. ↗
- →Exploitation vector is a specially crafted website delivered via browser. Attacker must convince user to visit via email/IM enticement or compromised/ad-hosting sites. Monitor for drive-by download patterns targeting IE11/Edge user-agents. ↗
- ·Internet Explorer running in Enhanced Security Configuration (ESC) on Windows Server 2008/2008 R2/2012/2012 R2 reduces exploitation likelihood; sites not in the Trusted Sites zone are mitigated by default. ↗
- ·EMET can help mitigate exploitation attempts against IE on systems where it is installed and configured to work with Internet Explorer. ↗
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_msrc4.2MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Microsoft Browser Memory Corruption Vulnerability
vendor_msrc·2016-11-08·CVSS 4.2
CVE-2016-7241 [HIGH] Microsoft Browser Memory Corruption Vulnerability
Microsoft Browser Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince
GHSA
GHSA-83qj-2pwf-j9c2: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) vi
ghsa_unreviewed·2022-05-14
CVE-2016-7241 [HIGH] CWE-119 GHSA-83qj-2pwf-j9c2: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) vi
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
No detection rules found.
Talos
Microsoft Patch Tuesday - November 2016
blogs_talos·2016-11-08
Microsoft Patch Tuesday - November 2016
## Microsoft Patch Tuesday - November 2016
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. For a detailed explanaiton of each of the categories listed below, please go to https://technet.microsoft.com/en-us/security/gg309177.aspx .
This month's release is packed full of goodies, but you don't want to wait to review them over Thanksgiving dinner as there are 14 unique bulletins addressing multiple vulnerabilities.
Critical bulletins address vulnerabilities in (alphabetically):
Adobe Flash Player
Edge
Graphics Component
Internet Explorer
Video Control
Windows The remaining bulletins are rated Important or Moderate and address vulnerabilities in the following products (listed alphabetically):
B
Talos
Microsoft Patch Tuesday - November 2016
blogs_talos·2016-11-08
Microsoft Patch Tuesday - November 2016
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. For a detailed explanaiton of each of the categories listed below, please go to https://technet.microsoft.com/en-us/security/gg309177.aspx.
This month's release is packed full of goodies, but you don't want to wait to review them over Thanksgiving dinner as there are 14 unique bulletins addressing multiple vulnerabilities.
Critical bulletins address vulnerabilities in (alphabetically):
- Adobe Flash Player
- Edge
- Graphics Component
- Internet Explorer
- Video Control
- Windows
The remaining bulletins are rated Important or Moderate and address vulnerabilities in the following products (listed alphabetically):
- Boot Manager*
- Common Log File System
Zscaler
Zscaler found Multiple Security Vulnerabilities | 11-08-2016
blogs_zscaler
Zscaler found Multiple Security Vulnerabilities | 11-08-2016
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.htmlhttp://www.securityfocus.com/bid/94055http://www.securitytracker.com/id/1037245https://bugs.chromium.org/p/project-zero/issues/detail?id=952https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-142https://www.exploit-db.com/exploits/40875/http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.htmlhttp://www.securityfocus.com/bid/94055http://www.securitytracker.com/id/1037245https://bugs.chromium.org/p/project-zero/issues/detail?id=952https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-142https://www.exploit-db.com/exploits/40875/
2016-11-10
Published