Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3321)
Publish Date: 21 de сентября de 2016
Severity: : Critical
DESCRIPTION
A file name information disclosure vulnerability was discovered within Internet Explorer. The issue lies in the fact that Internet Explorer's behavior changes when dealing with URIs that point to existing local files versus URIs that point to non-existent files. It allows malicious pages to enumerate the existence of files in the victim's file system. This vulnerability was triggered only by local pages or ones opened from a network share.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1007897