CVE-2016-3321

LOW

Microsoft Internet Explorer 10 and 11 - Information Disclosure via HTML5 Sandbox IFrame

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-3321. Includes Metasploit module auxiliary/gather/ie_sandbox_findfiles.

AI-analyzed exploit summary This Metasploit module exploits CVE-2016-3321, an information disclosure vulnerability in Internet Explorer 10 & 11. It uses HTML5 sandboxed iframes to determine the existence of local files by observing differences in behavior between existing and non-existent file:// URLs.

Description

Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet Explorer Information Disclosure Vulnerability."

Exploits (1)

metasploit WORKING POC

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/ie_sandbox_findfiles.rb

View Code ZIP pw:eip

This Metasploit module exploits CVE-2016-3321, an information disclosure vulnerability in Internet Explorer 10 & 11. It uses HTML5 sandboxed iframes to determine the existence of local files by observing differences in behavior between existing and non-existent file:// URLs.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Internet Explorer 10 & 11

No auth needed

Prerequisites: Local network access or Mark of the Web (MOTW) bypass · Target must access a malicious web page or SVG file

MITRE ATT&CK