CVE-2016-3201

MEDIUM

Microsoft Edge and Windows - Information Disclosure via Crafted PDF Document

Title source: llm
STIX 2.1

Description

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3215.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036099

Scores

CVSS v3 6.5
EPSS 0.2363
EPSS Percentile 97.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (5)
microsoft/edge
microsoft/windows_10
microsoft/windows_10 1511
microsoft/windows_8.1
microsoft/windows_server_2012 (2 CPE variants)
Published Jun 16, 2016
Tracked Since Feb 18, 2026