1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Microsoft Internet Explorer CVE-2016-3375

Web Attack: Microsoft Internet Explorer CVE-2016-3375

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.

Additional Information

Microsoft VBScript is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. Specifically, this issue exists in the OLE Automation mechanism.

Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.

Affected

  • Internet Exporer 11
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube