CVE-2016-3274

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 9 through 11 Microsoft Edge (affected versions not specified)

Description The issue is related to a spoofing attack that can be conducted via a crafted URL. An attacker could exploit this to trick a user by redirecting them to a specially crafted website, which could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. The problem is associated with inadequate access control and improper parsing of HTTP content by the Microsoft browser.

Recommendations For Microsoft Internet Explorer versions 9 through 11, update to a version that properly parses HTTP content to prevent spoofing attacks. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.