What is CVE-2016-3325?

CVE-2016-3325 is a low-severity vulnerability in Microsoft Edge, classified under Information Disclosure. CVSS score: 3.1/10. Published 2016-09-14.

How severe is CVE-2016-3325?

Low severity. CVSS v3 base score is 3.1 out of 10.

Information disclosure in Microsoft Edge

CVE-2016-3325

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

Vulnerability class: Information Disclosure

EPSS: 0.539 (98.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.1 (Low). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N.

Affected products

Microsoft Edge
Microsoft Internet_explorer — versions 11
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

1036789 (vdb-entry, x_refsource_SECTRACK)
MS16-104 (x_refsource_MS, vendor-advisory)
MS16-105 (x_refsource_MS, vendor-advisory)
40747 (exploit, x_refsource_EXPLOIT-DB)
1036788 (vdb-entry, x_refsource_SECTRACK)
92832 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-3325?: CVE-2016-3325 is a low-severity vulnerability in Microsoft Edge, classified under Information Disclosure. CVSS score: 3.1/10. Published 2016-09-14.
How severe is CVE-2016-3325?: Low severity. CVSS v3 base score is 3.1 out of 10.