CVE-2016-7241

Published: 10/11/2016 Updated: 12/10/2018

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Microsoft Internet Explorer 11 and Microsoft Edge allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 11
microsoft edge

<!-- Source: bugschromiumorg/p/project-zero/issues/detail?id=952 There is an info leak in JSONparse If this function is called with a reviver, and the reviver modifies the output object to contain a native array, the Walk function assumes that this array is a Var array, and writes pointers to it These pointers can then be read out ...

Official Repository of the Bug Name Club project

Bug Name Club The Bug Name Club is an industry-recognized leading authority on the topic of naming vulnerabilities and other bug-branding related topics Long before the 😾😾😾 vulnerability, the Bug Name Club branded bugs such as CVE-2016-7241, named TestyHTTP That's like three whole years before 😾😾😾, proving our dominance and respect in the infosuck commu

CWE-119 http://www.securityfocus.com/bid/94055 https://www.exploit-db.com/exploits/40875/https://bugs.chromium.org/p/project-zero/issues/detail?id=952 http://packetstormsecurity.com/files/139991/Microsoft-Edge-JSON.parse-Information-Leak.html http://www.securitytracker.com/id/1037245 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-142 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-129 https://nvd.nist.gov https://github.com/0xdade/bugname.club https://www.exploit-db.com/exploits/40875/

CVE-2016-7241

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect