CVE-2016-0160

EUVD-2016-0198
Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB3147461
1511 (x64, x86)
KB3147458
Windows 8.1
(x64, x86)
KB3148198
Windows RT 8.1
All
KB3148198
Windows Server 2012 R2
Standard
KB3148198
References
http://packetstormsecurity.com/files/136702/Microsoft-Internet-Explorer-11-DLL-Hijacking.html
http://seclists.org/fulldisclosure/2016/Apr/61
http://www.securityfocus.com/archive/1/538098/100/0/threaded
http://www.securitytracker.com/id/1035521
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037
http://packetstormsecurity.com/files/136702/Microsoft-Internet-Explorer-11-DLL-Hijacking.html
http://seclists.org/fulldisclosure/2016/Apr/61
http://www.securityfocus.com/archive/1/538098/100/0/threaded
http://www.securitytracker.com/id/1035521
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037