CVE-2016-0160 - Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges v

CVE-2016-0160

Summary

Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." <a href="http://cwe.mitre.org/data/definitions/426.html">CWE-426: Untrusted Search Path</a>

References

Vulnerable Configurations

cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 12-10-2018 - 22:11)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

msbulletin via4

bulletin_id	MS16-037
bulletin_url
date	2016-04-12T00:00:00
impact	Remote Code Execution
knowledgebase_id	3148531
knowledgebase_url
severity	Critical
title	Cumulative Security Update for Internet Explorer

refmap via4

bugtraq	20160415 Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability
fulldisc	20160416 Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability
misc	http://packetstormsecurity.com/files/136702/Microsoft-Internet-Explorer-11-DLL-Hijacking.html
sectrack	1035521

Last major update

12-10-2018 - 22:11

Published

12-04-2016 - 23:59

Last modified

12-10-2018 - 22:11