Multiple vulnerabilities in Microsoft Browsers

Beschreibung

Multiple serious vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, bypass security restrictions and obtain sensitive information.

Below is a complete list of vulnerabilities:

1. Memory corruption vulnerability in Microsoft browsers can be exploited remotely via a specially designed website to execute arbitrary code;
2. Multiple vulnerabilities related to improper handling of objects in memory of Chakra scripting engine can be exploited remotely via a specially designed website to execute arbitrary code;
3. Memory corruption vulnerability in Microsoft Edge can be exploited remotely via a specially designed website to execute arbitrary code;
4. Unspecified vulnerability in Microsoft browsers can be exploited via unspecified vector to gain privileges;
5. Multiple vulnerabilities in Internet Explorer can be exploited remotely via a specially designed website to execute arbitrary code;
6. An incorrect HTTP content parsing method in Microsoft Edge can be exploited remotely via a specially designed website to spoof user interface;
7. An improper hyperlinks validation in Internet Explorer can be exploited remotely via specially designed website to execute arbitrary code;
8. An unspecified vulnerability in Microsoft browsers can be exploited remotely via a specially designed website to obtain sensitive information;
9. An improper audio requests handling in WebAudio Library can be exploited remotely via a specially designed website to obtain sensitive information.

Ursprüngliche Informationshinweise

• CVE-2018-8372

• CVE-2018-8266
• CVE-2018-8380
• CVE-2018-8387
• CVE-2018-8357
• CVE-2018-8353
• CVE-2018-8355
• CVE-2018-8383
• CVE-2018-8377
• CVE-2018-8389
• CVE-2018-8316
• CVE-2018-8388
• CVE-2018-8390
• CVE-2018-8385
• CVE-2018-8371
• CVE-2018-8351
• CVE-2018-8373
• CVE-2018-8403
• CVE-2018-8381
• CVE-2018-8370
• CVE-2018-8358

CVE Liste

• CVE-2018-8372
  critical
• CVE-2018-8385
  critical
• CVE-2018-8266
  critical
• CVE-2018-8380
  critical
• CVE-2018-8381
  critical
• CVE-2018-8355
  critical
• CVE-2018-8390
  critical
• CVE-2018-8387
  critical
• CVE-2018-8357
  critical
• CVE-2018-8353
  critical
• CVE-2018-8383
  critical
• CVE-2018-8377
  critical
• CVE-2018-8389
  critical
• CVE-2018-8316
  critical
• CVE-2018-8388
  critical
• CVE-2018-8371
  critical
• CVE-2018-8351
  critical
• CVE-2018-8373
  critical
• CVE-2018-8403
  critical
• CVE-2018-8370
  critical
• CVE-2018-8358
  critical

KB Liste

• 4343909
• 4343885
• 4343887
• 4343892
• 4343897
• 4343898
• 4343899
• 4343900
• 4343205
• 4343901

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com