CVE-2016-3387

HIGH

Microsoft Internet Explorer 10-11 and Edge - Elevation of Privilege via Private Namespace Access

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-3387. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates an elevation of privilege vulnerability in Windows 10 Edge/IE by creating an isolated private namespace with an insecure boundary descriptor. The PoC allows non-appcontainer processes to gain elevated permissions on the namespace directory, potentially leading to privilege escalation.

Description

Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · c++localwindows

https://www.exploit-db.com/exploits/40607

View Code ZIP pw:eip

This exploit demonstrates an elevation of privilege vulnerability in Windows 10 Edge/IE by creating an isolated private namespace with an insecure boundary descriptor. The PoC allows non-appcontainer processes to gain elevated permissions on the namespace directory, potentially leading to privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Edge/Internet Explorer on Windows 10 10586

Auth required

Prerequisites: Access to a non-appcontainer sandbox process · Edge/IE not already running · Ability to execute code as another user

MITRE ATT&CK