VYPR
High severity8.8NVD Advisory· Published Jul 13, 2016· Updated Jun 17, 2026

CVE-2016-3248

CVE-2016-3248

Description

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3259.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Microsoft.ChakraCoreNuGet
<= 1.2.0

Affected products

5
  • cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
  • ghsa-coords
    Range: <= 1.2.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.

CVE-2016-3248 · High · VYPR