ByteOS Network

Vulnerability Details :

CVE-2016-3298

Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8

Published At-14 Oct, 2016 | 01:00

Updated At-30 Jul, 2025 | 01:46

Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Known Exploited Vulnerabilities (KEV)

cisa.gov

Vendor:

Hyperlink	Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118	vendor-advisory x_refsource_MS
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-126	vendor-advisory x_refsource_MS
http://www.securityfocus.com/bid/93392	vdb-entry x_refsource_BID
http://www.securitytracker.com/id/1036992	vdb-entry x_refsource_SECTRACK

Hyperlink	Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118	vendor-advisory x_refsource_MS x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-126	vendor-advisory x_refsource_MS x_transferred
http://www.securityfocus.com/bid/93392	vdb-entry x_refsource_BID x_transferred
http://www.securitytracker.com/id/1036992	vdb-entry x_refsource_SECTRACK x_transferred

Type	Version	Base score	Base severity	Vector
Primary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Secondary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary	2.0	2.6	LOW	AV:N/AC:H/Au:N/C:P/I:N/A:N

Hyperlink	Source	Resource
http://www.securityfocus.com/bid/93392	secure@microsoft.com	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036992	secure@microsoft.com	Broken Link Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118	secure@microsoft.com	Patch Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-126	secure@microsoft.com	Patch Vendor Advisory
http://www.securityfocus.com/bid/93392	af854a3a-2127-422b-91ae-364da2661108	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036992	af854a3a-2127-422b-91ae-364da2661108	Broken Link Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-126	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory

CVE-2016-3298

Credits

Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability

Used in Ransomware

Unknown

CWE

Required Action:

Additional Notes:

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs