Home

CVE-2016-3374

Description

The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka PDF Library Information Disclosure Vulnerability, a different vulnerability than CVE-2016-3370.

Risk Information

Base Score
3.2
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
32.313

Associated Vulnerability

VulnerabilityOS Platform
Windows Information Disclosure Vulnerability for Windows 10 for x64-based Systems (KB3185611) - CumulativeWindows
Windows Information Disclosure Vulnerability for Windows 10 Version 1511 for x64-based Systems (KB3185614) - CumulativeWindows
Windows Information Disclosure Vulnerability for Windows 10 Version 1511 (KB3185614) - CumulativeWindows
Microsoft Browser Information Disclosure Vulnerability for Windows Server 2012 (KB3184943)Windows
Microsoft Browser Information Disclosure Vulnerability for Windows Server 2012 R2 (KB3184943)Windows
Microsoft Browser Information Disclosure Vulnerability for Windows 8.1 for x64-based Systems (KB3184943)Windows
Microsoft Browser Information Disclosure Vulnerability for Windows 8.1 (KB3184943)Windows
Windows Information Disclosure Vulnerability for Windows 10 (KB3185611)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-21344Cumulative Update for Windows 10 for x64-based Systems (KB3185611)
PATCH-21346Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3185614)
PATCH-21345Cumulative Update for Windows 10 Version 1511 (KB3185614)
PATCH-21486Security Update for Windows Server 2012 (KB3184943)
PATCH-21488Security Update for Windows Server 2012 R2 (KB3184943)
PATCH-21487Security Update for Windows 8.1 for x64-based Systems (KB3184943)
PATCH-21485Security Update for Windows 8.1 (KB3184943)
PATCH-21343Cumulative Update for Windows 10 (KB3185611)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234