CVE-2016-0162

EUVD-2016-0200
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CISA-ADPADP
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4015221
1511 (x64, x86)
KB4015219
Windows 7
Service Pack 1 (x64, x86)
KB4015549
Windows 8.1
(x64, x86)
KB4015550
Windows RT 8.1
All
KB4015550
Windows Server 2008
Service Pack 2 (x64, x86)
KB4015219
Windows Server 2008 R2
Service Pack 1 (x64)
KB4015549
Windows Server 2012
Standard
KB4015551
Windows Server 2012 R2
Standard
KB4015550
Windows Vista
Service Pack 2
KB4015219
x64 Edition
KB4015219
References
http://www.securityfocus.com/bid/85939
http://www.securitytracker.com/id/1035521
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037
http://www.securityfocus.com/bid/85939
http://www.securitytracker.com/id/1035521
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0162