CVE-2016-3210

HIGH EXPLOITED

Internet Explorer 11 - Remote Code Execution via Scripting Engine Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2016-3210 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/91106
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036096

Scores

CVSS v3 8.8
EPSS 0.2186
EPSS Percentile 97.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2021-08-17
CWE
CWE-119
Status published
Products (1)
microsoft/internet_explorer 11
Published Jun 16, 2016
Tracked Since Feb 18, 2026