VYPR
High severity7.5NVD Advisory· Published Oct 14, 2016· Updated Jun 17, 2026

CVE-2016-3382

CVE-2016-3382

Description

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Microsoft.ChakraCoreNuGet
< 1.2.11.2.1

Affected products

5
  • cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 1.2.1

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.