CVE-2016-3298 — Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability
2022-05-24 • CISA Known Exploited Vulnerability
[event] An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Microsoft |
| Product | Internet Explorer |
| CWE | CWE-200 |
| CVE ID | CVE-2016-3298 |
| Date Added | 2022-05-24 |
| Due Date | 2022-06-14 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-06-14