CVE-2016-0160

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer 11

Description The issue is related to the mishandling of DLL loading, allowing local users to gain privileges via a crafted application. A remote code execution vulnerability exists when Internet Explorer improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system, then install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, an attacker would first have to log on to the target system.

Recommendations For Microsoft Internet Explorer 11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.