CVE-2016-3222

HIGH EXPLOITED

Microsoft Edge - Remote Code Execution via Memory Corruption

Title source: llm

Exploitation Summary

CVE-2016-3222 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Skylined.

AI-analyzed exploit summary The document describes a memory corruption vulnerability in Microsoft Edge (CVE-2016-3222) triggered by crafted JavaScript code. It includes multiple proof-of-concept snippets that cause access violations or NULL pointer dereferences, with analysis suggesting potential for arbitrary code execution under specific conditions.

Description

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

Exploits (1)

exploitdb WRITEUP

by Skylined · textdoswindows

https://www.exploit-db.com/exploits/40880

View Code ZIP pw:eip

The document describes a memory corruption vulnerability in Microsoft Edge (CVE-2016-3222) triggered by crafted JavaScript code. It includes multiple proof-of-concept snippets that cause access violations or NULL pointer dereferences, with analysis suggesting potential for arbitrary code execution under specific conditions.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Edge (32-bit and 64-bit)

No auth needed

Prerequisites: Target user must visit a malicious webpage

MITRE ATT&CK