Microsoft Internet Explorer vulnerabilities

CVE-2016-3383 [HIGH] CWE-119 CVE-2016-3383: Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

CVE-2016-3385 [HIGH] CWE-119 CVE-2016-3385: The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

CVE-2016-3331 [HIGH] CWE-119 CVE-2016-3331: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

CVE-2016-3387 [HIGH] CWE-264 CVE-2016-3387: Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388.

CVE-2016-3384 [HIGH] CWE-119 CVE-2016-3384: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2016-3298 [MEDIUM] CVE-2016-3298: Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Window Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

CVE-2016-3391 [MEDIUM] CWE-200 CVE-2016-3391: Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discov Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."

CVE-2016-3388 [MEDIUM] CVE-2016-3388: Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387.

CVE-2016-3267 [MEDIUM] CWE-200 CVE-2016-3267: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

CVE-2016-3297 [HIGH] CVE-2016-3297: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

CVE-2016-3353 [HIGH] CWE-254 CVE-2016-3353: Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows remote attackers to bypass intended access restrictions via a crafted file, aka "Internet Explorer Security Feature Bypass."

CVE-2016-3295 [HIGH] CWE-119 CVE-2016-3295: Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

CVE-2016-3324 [HIGH] CVE-2016-3324: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2016-3247 [HIGH] CVE-2016-3247: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

CVE-2016-3375 [HIGH] CWE-119 CVE-2016-3375: The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to execute arbitrary code or cause a denial of service (memor

CVE-2016-3292 [MEDIUM] CWE-20 CVE-2016-3292: Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

CVE-2016-3351 [MEDIUM] CVE-2016-3351: Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensiti Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

CVE-2016-3291 [LOW] CWE-200 CVE-2016-3291: Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remo Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

CVE-2016-3325 [LOW] CWE-200 CVE-2016-3325: Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive informa Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

CVE-2016-3289 [HIGH] CWE-119 CVE-2016-3289: Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a craft Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.