CVE-2016-3298 (internet_explorer, windows_7, windows_server_2008, windows_vista)
Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
Source: CVE-2016-3298 (internet_explorer, windows_7, windows_server_2008, windows_vista)