CVE-2016-3212

Name of the Vulnerable Software and Affected Versions Internet Explorer versions 9 through 11

Description The issue arises from the improper identification of JavaScript code by the XSS filter in Internet Explorer, making it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a specially crafted web site. This can also lead to a remote code execution vulnerability when the Internet Explorer XSS Filter does not properly validate JavaScript under specific conditions, allowing an attacker to run arbitrary code with medium-integrity level privileges.

Recommendations For Internet Explorer versions 9 through 11, consider disabling JavaScript execution in the browser as a temporary workaround until a patch is available. Restrict access to potentially vulnerable web sites to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.