Microsoft » Internet Explorer : Security Vulnerabilities, CVEs, CVSS score between 3 and 3.99

CVE-2016-3274

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
Max CVSS
3.1
EPSS Score
6.57%
Published
2016-07-13
Updated
2018-10-12

CVE-2016-3276

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
Max CVSS
3.1
EPSS Score
6.57%
Published
2016-07-13
Updated
2018-10-12

CVE-2016-3325

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
Max CVSS
3.1
EPSS Score
96.13%
Published
2016-09-14
Updated
2018-10-12

CVE-2016-3351

Known exploited
Used for ransomware
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
Max CVSS
3.1
EPSS Score
10.82%
Published
2016-09-14
Updated
2018-10-12
CISA KEV Added
2022-05-24

CVE-2016-7199

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
Max CVSS
3.1
EPSS Score
11.93%
Published
2016-11-10
Updated
2018-10-12

CVE-2016-7227

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
Max CVSS
3.1
EPSS Score
10.03%
Published
2016-11-10
Updated
2018-10-12

CVE-2016-7239

The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
Max CVSS
3.1
EPSS Score
2.88%
Published
2016-11-10
Updated
2018-10-12

CVE-2017-11791

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11834.
Max CVSS
3.1
EPSS Score
0.94%
Published
2017-11-15
Updated
2017-12-07
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close