Test ID:	1.3.6.1.4.1.25623.1.0.809042
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Edge Multiple Vulnerabities (3183043)
Summary:	This host is missing a critical security; update according to Microsoft Bulletin MS16-105
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS16-105 Vulnerability Insight: Multiple flaws exist due to: - The Microsoft Edge improperly handles objects in memory. - The Chakra JavaScript engine renders when handling objects in memory in Microsoft Edge. - The Microsoft Edge improperly handles cross-origin requests. - Certain functions improperly handles objects in memory. - The PDF Library and Microsoft Browser improperly handles objects in memory. Vulnerability Impact: Successful exploitation will allow remote attacker to execute arbitrary code in the context of the current user, to determine the origin of all of the web pages in the affected browser, and to obtain information to further compromise a target system. Affected Software/OS: - Microsoft Windows 10 x32/x64 - Microsoft Windows 10 Version 1511 x32/x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3247 BugTraq ID: 92828 http://www.securityfocus.com/bid/92828 Bugtraq: 20161118 CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details (Google Search) http://www.securityfocus.com/archive/1/539779/100/0/threaded https://www.exploit-db.com/exploits/40797/ http://seclists.org/fulldisclosure/2016/Nov/111 http://blog.skylined.nl/20161118002.html Microsoft Security Bulletin: MS16-104 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104 Microsoft Security Bulletin: MS16-105 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105 http://www.securitytracker.com/id/1036788 http://www.securitytracker.com/id/1036789 Common Vulnerability Exposure (CVE) ID: CVE-2016-3291 BugTraq ID: 92834 http://www.securityfocus.com/bid/92834 Common Vulnerability Exposure (CVE) ID: CVE-2016-3294 BugTraq ID: 92789 http://www.securityfocus.com/bid/92789 Common Vulnerability Exposure (CVE) ID: CVE-2016-3295 BugTraq ID: 92830 http://www.securityfocus.com/bid/92830 Common Vulnerability Exposure (CVE) ID: CVE-2016-3297 BugTraq ID: 92829 http://www.securityfocus.com/bid/92829 Common Vulnerability Exposure (CVE) ID: CVE-2016-3325 BugTraq ID: 92832 http://www.securityfocus.com/bid/92832 https://www.exploit-db.com/exploits/40747/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3330 BugTraq ID: 92807 http://www.securityfocus.com/bid/92807 Common Vulnerability Exposure (CVE) ID: CVE-2016-3350 BugTraq ID: 92793 http://www.securityfocus.com/bid/92793 Common Vulnerability Exposure (CVE) ID: CVE-2016-3351 BugTraq ID: 92788 http://www.securityfocus.com/bid/92788 https://www.brokenbrowser.com/detecting-apps-mimetype-malware/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3370 BugTraq ID: 92839 http://www.securityfocus.com/bid/92839 Microsoft Security Bulletin: MS16-115 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-115 Common Vulnerability Exposure (CVE) ID: CVE-2016-3374 BugTraq ID: 92838 http://www.securityfocus.com/bid/92838 http://blog.malerisch.net/2016/09/microsoft--out-of-bounds-read-pdf-library-cve-2016-3374.html http://srcincite.io/advisories/src-2016-39/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3377 BugTraq ID: 92797 http://www.securityfocus.com/bid/92797
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.