cnvd - cnvd-2016-04056

cnvd-2016-04056

Vulnerability from cnvd

Title: Microsoft Internet Explorer脚本引擎内存破坏漏洞（CNVD-2016-04056）

Description:

Microsoft Internet Explorer（IE）是美国微软（Microsoft）公司开发的一款Web浏览器，是Windows操作系统附带的默认浏览器。JScript是其中的一种解释性的基于对象的脚本语言；VBScript（全称Visual Basic Script）是其中的一种脚本语言，也是ASP动态网页默认的编程语言。

Microsoft IE 11版本中使用的JScript 9、JScript和VBScript引擎的呈现方式存在内存破坏漏洞。攻击者可利用该漏洞破坏内存，在当前用户的上下文中执行任意代码，获得与当前用户相同的用户权限。

Severity: 高

Patch Name: Microsoft Internet Explorer脚本引擎内存破坏漏洞（CNVD-2016-04056）的补丁

Patch Description:

Microsoft IE 11版本中使用的JScript 9、JScript和VBScript引擎的呈现方式存在内存破坏漏洞。攻击者可利用该漏洞破坏内存，在当前用户的上下文中执行任意代码，获得与当前用户相同的用户权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://technet.microsoft.com/library/security/ms16-063

Reference: https://technet.microsoft.com/library/security/ms16-063

Impacted products

Name
Microsoft IE 11

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-3205"
    }
  },
  "description": "Microsoft Internet Explorer\uff08IE\uff09\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\uff0c\u662fWindows\u64cd\u4f5c\u7cfb\u7edf\u9644\u5e26\u7684\u9ed8\u8ba4\u6d4f\u89c8\u5668\u3002JScript\u662f\u5176\u4e2d\u7684\u4e00\u79cd\u89e3\u91ca\u6027\u7684\u57fa\u4e8e\u5bf9\u8c61\u7684\u811a\u672c\u8bed\u8a00\uff1bVBScript\uff08\u5168\u79f0Visual Basic Script\uff09\u662f\u5176\u4e2d\u7684\u4e00\u79cd\u811a\u672c\u8bed\u8a00\uff0c\u4e5f\u662fASP\u52a8\u6001\u7f51\u9875\u9ed8\u8ba4\u7684\u7f16\u7a0b\u8bed\u8a00\u3002\r\n\r\nMicrosoft IE 11\u7248\u672c\u4e2d\u4f7f\u7528\u7684JScript 9\u3001JScript\u548cVBScript\u5f15\u64ce\u7684\u5448\u73b0\u65b9\u5f0f\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7834\u574f\u5185\u5b58\uff0c\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u83b7\u5f97\u4e0e\u5f53\u524d\u7528\u6237\u76f8\u540c\u7684\u7528\u6237\u6743\u9650\u3002",
  "discovererName": "62600BCA031B9EB5CB4A74ADDDD6771E (via Trend Micro\u0027s Zero Day Initiative (ZDI)), Ashutosh Mehra (via Trend Micro\u0027s Zero Day Initiative (ZDI)), Masato Kinugawa of Cure53, Moritz Jodeit of Blue Frost Security, SkyLined (via iDefense), Tao Yan (@Ga1ois) of Pa",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://technet.microsoft.com/library/security/ms16-063",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04056",
  "openTime": "2016-06-16",
  "patchDescription": "Microsoft Internet Explorer\uff08IE\uff09\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\uff0c\u662fWindows\u64cd\u4f5c\u7cfb\u7edf\u9644\u5e26\u7684\u9ed8\u8ba4\u6d4f\u89c8\u5668\u3002JScript\u662f\u5176\u4e2d\u7684\u4e00\u79cd\u89e3\u91ca\u6027\u7684\u57fa\u4e8e\u5bf9\u8c61\u7684\u811a\u672c\u8bed\u8a00\uff1bVBScript\uff08\u5168\u79f0Visual Basic Script\uff09\u662f\u5176\u4e2d\u7684\u4e00\u79cd\u811a\u672c\u8bed\u8a00\uff0c\u4e5f\u662fASP\u52a8\u6001\u7f51\u9875\u9ed8\u8ba4\u7684\u7f16\u7a0b\u8bed\u8a00\u3002\r\n\r\nMicrosoft IE 11\u7248\u672c\u4e2d\u4f7f\u7528\u7684JScript 9\u3001JScript\u548cVBScript\u5f15\u64ce\u7684\u5448\u73b0\u65b9\u5f0f\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7834\u574f\u5185\u5b58\uff0c\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u83b7\u5f97\u4e0e\u5f53\u524d\u7528\u6237\u76f8\u540c\u7684\u7528\u6237\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Internet Explorer\u811a\u672c\u5f15\u64ce\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08CNVD-2016-04056\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Microsoft IE 11"
  },
  "referenceLink": "https://technet.microsoft.com/library/security/ms16-063",
  "serverity": "\u9ad8",
  "submitTime": "2016-06-15",
  "title": "Microsoft Internet Explorer\u811a\u672c\u5f15\u64ce\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08CNVD-2016-04056\uff09"
}

CVE-2016-3205 (GCVE-0-2016-3205)

Vulnerability from cvelistv5

Published

2016-06-16 01:00

Modified

2024-08-05 23:47

Severity ?

CWE

Summary

The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3206 and CVE-2016-3207.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1036097	vdb-entry, x_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063	vendor-advisory, x_refsource_MS
	http://www.securitytracker.com/id/1036096	vdb-entry, x_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-069	vendor-advisory, x_refsource_MS

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:58.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036097",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036097"
          },
          {
            "name": "MS16-063",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063"
          },
          {
            "name": "1036096",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036096"
          },
          {
            "name": "MS16-069",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-069"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3206 and CVE-2016-3207."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1036097",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036097"
        },
        {
          "name": "MS16-063",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063"
        },
        {
          "name": "1036096",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036096"
        },
        {
          "name": "MS16-069",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-069"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2016-3205",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3206 and CVE-2016-3207."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036097",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036097"
            },
            {
              "name": "MS16-063",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063"
            },
            {
              "name": "1036096",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036096"
            },
            {
              "name": "MS16-069",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-069"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2016-3205",
    "datePublished": "2016-06-16T01:00:00",
    "dateReserved": "2016-03-15T00:00:00",
    "dateUpdated": "2024-08-05T23:47:58.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted