Test ID:	1.3.6.1.4.1.25623.1.0.806680
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Internet Explorer Multiple Vulnerabilities (3134220)
Summary:	This host is missing a critical security; update according to Microsoft Bulletin MS16-009.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-009. Vulnerability Insight: Multiple flaws exist due to: - An improper validation of input before loading dynamic link library (DLL) files. - An error in Hyperlink Object Library which improperly discloses the contents of its memory. - Multiple memory corrupt errors. - An improper parsing of HTTP responses. - An improper enforcing of cross-domain policies. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code, gain access to potentially sensitive information, conduct redirection attack and gain elevated privileges on the affected system. Affected Software/OS: Microsoft Internet Explorer version 9.x/10.x/11.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0041 http://seclists.org/fulldisclosure/2016/Feb/49 https://www.securify.nl/advisory/SFY20150905/nps_datastore_server_dll_side_loading_vulnerability.html Microsoft Security Bulletin: MS16-009 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009 Microsoft Security Bulletin: MS16-014 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014 http://www.securitytracker.com/id/1034971 http://www.securitytracker.com/id/1034985 Common Vulnerability Exposure (CVE) ID: CVE-2016-0059 Common Vulnerability Exposure (CVE) ID: CVE-2016-0060 http://www.zerodayinitiative.com/advisories/ZDI-16-159 http://www.zerodayinitiative.com/advisories/ZDI-16-165 Microsoft Security Bulletin: MS16-011 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-011 http://www.securitytracker.com/id/1034972 Common Vulnerability Exposure (CVE) ID: CVE-2016-0061 http://www.zerodayinitiative.com/advisories/ZDI-16-162 Common Vulnerability Exposure (CVE) ID: CVE-2016-0062 http://www.zerodayinitiative.com/advisories/ZDI-16-158 Common Vulnerability Exposure (CVE) ID: CVE-2016-0063 https://www.exploit-db.com/exploits/40845/ http://blog.skylined.nl/20161128001.html http://www.zerodayinitiative.com/advisories/ZDI-16-166 Common Vulnerability Exposure (CVE) ID: CVE-2016-0064 Common Vulnerability Exposure (CVE) ID: CVE-2016-0067 Common Vulnerability Exposure (CVE) ID: CVE-2016-0068 Common Vulnerability Exposure (CVE) ID: CVE-2016-0069 BugTraq ID: 82665 http://www.securityfocus.com/bid/82665 http://jvn.jp/en/jp/JVN78383854/index.html http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000028.html Common Vulnerability Exposure (CVE) ID: CVE-2016-0071 Common Vulnerability Exposure (CVE) ID: CVE-2016-0072 http://www.zerodayinitiative.com/advisories/ZDI-16-157 Common Vulnerability Exposure (CVE) ID: CVE-2016-0077
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.