Published: 14/10/2016 Updated: 12/10/2018

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote malicious users to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 10
microsoft edge
microsoft internet explorer 11

/* Source: bugschromiumorg/p/project-zero/issues/detail?id=879 Windows: Edge/IE Isolated Private Namespace Insecure DACL EoP Platform: Windows 10 10586, Edge 251058600 not tested 81 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The isolated private namespace created by ierutils has a insecure DACL which allows any app ...

CWE-264 http://www.securityfocus.com/bid/93382 http://www.securitytracker.com/id/1036993 http://www.securitytracker.com/id/1036992 https://www.exploit-db.com/exploits/40606/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-119 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118 https://nvd.nist.gov https://www.exploit-db.com/exploits/40606/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-3388

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect