ID de Prueba:	1.3.6.1.4.1.25623.1.0.807346
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Edge Multiple Vulnerabilities (3169999)
Resumen:	This host is missing a critical security; update according to Microsoft Bulletin MS16-085.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-085. Vulnerability Insight: Multiple flaws exist due to: - A security feature bypass exists when Microsoft Edge does not properly implement Address Space Layout Randomization (ASLR). - Multiple remote code execution vulnerabilities exist when Microsoft Edge improperly accesses objects in memory. - Multiple remote code execution vulnerabilities exist in the way that the Chakra JavaScript engine renders when handling objects in memory - A spoofing vulnerability exists when a Microsoft browser does not properly parse HTTP content. - A spoofing vulnerability exists when the Microsoft Browser in reader mode does not properly parse HTML content. - An information disclosure vulnerability exists when the Microsoft Browser improperly handles objects in memory. Vulnerability Impact: Successful exploitation will allow remote attackers to trick a user into loading a page containing malicious content, to trick the user into opening the .pdf file and read information in the context of the current user and to execute arbitrary code. Affected Software/OS: - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3244 BugTraq ID: 91599 http://www.securityfocus.com/bid/91599 Microsoft Security Bulletin: MS16-085 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085 http://www.securitytracker.com/id/1036286 Common Vulnerability Exposure (CVE) ID: CVE-2016-3246 BugTraq ID: 91602 http://www.securityfocus.com/bid/91602 Common Vulnerability Exposure (CVE) ID: CVE-2016-3248 BugTraq ID: 91578 http://www.securityfocus.com/bid/91578 Microsoft Security Bulletin: MS16-084 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084 http://www.securitytracker.com/id/1036283 Common Vulnerability Exposure (CVE) ID: CVE-2016-3259 BugTraq ID: 91581 http://www.securityfocus.com/bid/91581 Common Vulnerability Exposure (CVE) ID: CVE-2016-3260 BugTraq ID: 91580 http://www.securityfocus.com/bid/91580 Common Vulnerability Exposure (CVE) ID: CVE-2016-3264 BugTraq ID: 91598 http://www.securityfocus.com/bid/91598 Common Vulnerability Exposure (CVE) ID: CVE-2016-3265 BugTraq ID: 91573 http://www.securityfocus.com/bid/91573 Common Vulnerability Exposure (CVE) ID: CVE-2016-3269 BugTraq ID: 91595 http://www.securityfocus.com/bid/91595 Common Vulnerability Exposure (CVE) ID: CVE-2016-3271 BugTraq ID: 91586 http://www.securityfocus.com/bid/91586 Common Vulnerability Exposure (CVE) ID: CVE-2016-3273 BugTraq ID: 91576 http://www.securityfocus.com/bid/91576 Common Vulnerability Exposure (CVE) ID: CVE-2016-3274 BugTraq ID: 91591 http://www.securityfocus.com/bid/91591 Common Vulnerability Exposure (CVE) ID: CVE-2016-3276 BugTraq ID: 91593 http://www.securityfocus.com/bid/91593 Common Vulnerability Exposure (CVE) ID: CVE-2016-3277 BugTraq ID: 91596 http://www.securityfocus.com/bid/91596
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.