CVE-2016-3210
HIGH EXPLOITEDInternet Explorer 11 - Remote Code Execution via Scripting Engine Memory Corruption
Title source: llmExploitation Summary
CVE-2016-3210 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91106
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036096
Scores
CVSS v3
8.8
EPSS
0.2186
EPSS Percentile
97.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2021-08-17
CWE
CWE-119
Status
published
Products (1)
microsoft/internet_explorer
11
Published
Jun 16, 2016
Tracked Since
Feb 18, 2026