Internet Explorer Security Feature Bypass via Crafted .url Files

Internet Explorer Security Feature Bypass via Crafted .url Files

CVE-2016-3353 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows remote attackers to bypass intended access restrictions via a crafted file, aka "Internet Explorer Security Feature Bypass."

Learn more about our Web Application Penetration Testing UK.