Medium severity6.5NVD Advisory· Published Sep 14, 2016· Updated May 6, 2026

CVE-2016-3374

Description

The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3370.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.malerisch.net/2016/09/microsoft--out-of-bounds-read-pdf-library-cve-2016-3374.htmlnvd
srcincite.io/advisories/src-2016-39/nvd
www.securityfocus.com/bid/92838nvd
www.securitytracker.com/id/1036789nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-105nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-115nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.026
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000