ID de Prueba:	1.3.6.1.4.1.25623.1.0.809439
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Edge Multiple Vulnerabilities (3192890)
Resumen:	This host is missing a critical security; update according to Microsoft Bulletin MS16-119.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-119. Vulnerability Insight: Multiple flaws exist due to: - A remote code execution exist in the way that the Chakra JavaScript engine renders when handling objects in memory. - A remote code execution vulnerability exists in the way that Microsoft Edge improperly handles objects in memory. - An information disclosure exists when Microsoft browsers leave credential data in memory. - Multiple information disclosure exists when the Microsoft Edge improperly handles objects in memory. - An elevation of privilege when Microsoft Edge fails to properly secure private namespace. - A security feature bypass flaw exists when the Edge Content Security Policy fails to properly handle validation of certain specially crafted documents. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code in the context of the current user, and obtain information to further compromise the users system. Affected Software/OS: - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 - Microsoft Windows 10 Version 1607 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3267 BugTraq ID: 93376 http://www.securityfocus.com/bid/93376 Microsoft Security Bulletin: MS16-118 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118 Microsoft Security Bulletin: MS16-119 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-119 http://www.securitytracker.com/id/1036992 http://www.securitytracker.com/id/1036993 Common Vulnerability Exposure (CVE) ID: CVE-2016-3331 BugTraq ID: 93387 http://www.securityfocus.com/bid/93387 Common Vulnerability Exposure (CVE) ID: CVE-2016-3382 BugTraq ID: 93386 http://www.securityfocus.com/bid/93386 Common Vulnerability Exposure (CVE) ID: CVE-2016-3386 BugTraq ID: 93426 http://www.securityfocus.com/bid/93426 Common Vulnerability Exposure (CVE) ID: CVE-2016-3387 BugTraq ID: 93381 http://www.securityfocus.com/bid/93381 https://www.exploit-db.com/exploits/40607/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3388 BugTraq ID: 93382 http://www.securityfocus.com/bid/93382 https://www.exploit-db.com/exploits/40606/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3389 BugTraq ID: 93398 http://www.securityfocus.com/bid/93398 Common Vulnerability Exposure (CVE) ID: CVE-2016-3390 BugTraq ID: 93383 http://www.securityfocus.com/bid/93383 Common Vulnerability Exposure (CVE) ID: CVE-2016-3391 BugTraq ID: 93379 http://www.securityfocus.com/bid/93379 Common Vulnerability Exposure (CVE) ID: CVE-2016-3392 BugTraq ID: 93401 http://www.securityfocus.com/bid/93401 Common Vulnerability Exposure (CVE) ID: CVE-2016-7189 BugTraq ID: 93427 http://www.securityfocus.com/bid/93427 Common Vulnerability Exposure (CVE) ID: CVE-2016-7190 BugTraq ID: 93428 http://www.securityfocus.com/bid/93428 Common Vulnerability Exposure (CVE) ID: CVE-2016-7194 BugTraq ID: 93399 http://www.securityfocus.com/bid/93399
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.