CVSS: 7.6EPSS: 11%CPEs: 6EXPL: 0CVE-2016-3202
https://notcve.org/view.php?id=CVE-2016-3202
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." Los motores de Microsoft (1) Chakra de JavaScript, (2) JScript y (3) VBScript, tal como se utilizan en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Scripting Engine Memory Corruption Vulnerability". • http://www.securitytracker.com/id/1036096 http://www.securitytracker.com/id/1036099 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •