CVE-2016-3298
Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability
CVSS
—
No CVSS
EPSS
32.8%
p98
KEV
YES
May 24, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
32.8%EPSS · 30 days32.8%
2026-06-302026-07-16
Product
Microsoft / Internet Explorer
Vulnerability
Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability
Added to KEV
May 24, 2022
Remediate by
Jun 14, 2022
Known ransomware use
No
Summary description
An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2016-3298
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2010-3962—99.9%
KEV—80Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability—CVE-2016-0189—99.8%
KEV—80Microsoft Internet Explorer Memory Corruption Vulnerability—CVE-2010-0249—99.8%
KEV—80Microsoft Internet Explorer Use-After-Free Vulnerability—CVE-2020-0674—99.7%
KEV—80Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability—CVE-2014-1776—99.7%
KEV—80Microsoft Internet Explorer Memory Corruption Vulnerability—CVE-2013-3893—99.7%
KEV—80Microsoft Internet Explorer Resource Management Errors Vulnerability—