vulnerability

Microsoft Windows: CVE-2016-3259: Scripting Engine Memory Corruption Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Jul 13, 2016	Jun 10, 2024	May 8, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jul 13, 2016

Added

Jun 10, 2024

Modified

May 8, 2026

Description

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3248.

Solutions

microsoft-windows-windows_10-1507-kb3163912microsoft-windows-windows_10-1511-kb3172985

References

CVE-2016-3259
https://attackerkb.com/topics/CVE-2016-3259
CWE-119
EUVD-EUVD-2022-5590
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-5590
https://support.microsoft.com/help/3163912
https://support.microsoft.com/help/3172985

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report