Multiple vulnerabilities in Microsoft Edge

Description

Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information and bypass security restrictions.

Below is a complete list of vulnerabilities:

1. An incorrect handling of objects in memory done by JScript and VBScript while rendering can be exploited remotely via a specially designed website or Microsoft Office document that hosts the IE engine to execute arbitrary code and gain privileges;
2. An improper handling of objects in memory done by affected components can be exploited remotely via specially designed content to obtain sensitive information;
3. An inaccurate parsing of HTTP responses can be exploited remotely via a specially designed website to spoof content or trigger another attack in web services;
4. A type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll can be exploited remotely via vectors involving a specially designed CSS token sequence and specially designed JavaScript code working with a TH element to execute arbitrary code and possibly to cause a denial of service;
5. An improper handling of objects in memory done by Microsoft Windows PDF can be exploited remotely via a specially designed website with malicious PDF content to execute arbitrary code;
6. A failure in applying Same Origin Policy for HTML elements present in the other browser windows can be exploited remotely via a specially designed webpage or website to bypass security restrictions;
7. An improper access to the objects in memorry can be exploited remotely via a specially designed website to execute arbitrary code.

Original advisories

• MS17-007

• CVE-2017-0065
• CVE-2017-0066
• CVE-2017-0067
• CVE-2017-0068
• CVE-2017-0069
• CVE-2017-0070
• CVE-2017-0071
• CVE-2017-0094
• CVE-2017-0037
• CVE-2017-0131
• CVE-2017-0132
• CVE-2017-0133
• CVE-2017-0134
• CVE-2017-0135
• CVE-2017-0136
• CVE-2017-0137
• CVE-2017-0138
• CVE-2017-0140
• CVE-2017-0141
• CVE-2017-0150
• CVE-2017-0151
• CVE-2017-0009
• CVE-2017-0010
• CVE-2017-0011
• CVE-2017-0012
• CVE-2017-0015
• CVE-2017-0017
• CVE-2017-0023
• CVE-2017-0032
• CVE-2017-0033
• CVE-2017-0034
• CVE-2017-0035

Exploitation

Public exploits exist for this vulnerability.

Related products

• Microsoft-Edge

CVE list

• CVE-2017-0065
  warning
• CVE-2017-0066
  warning
• CVE-2017-0067
  critical
• CVE-2017-0068
  warning
• CVE-2017-0069
  warning
• CVE-2017-0070
  critical
• CVE-2017-0071
  critical
• CVE-2017-0094
  critical
• CVE-2017-0037
  critical
• CVE-2017-0131
  critical
• CVE-2017-0132
  critical
• CVE-2017-0133
  critical
• CVE-2017-0134
  critical
• CVE-2017-0135
  warning
• CVE-2017-0136
  critical
• CVE-2017-0137
  critical
• CVE-2017-0138
  critical
• CVE-2017-0140
  warning
• CVE-2017-0141
  critical
• CVE-2017-0150
  critical
• CVE-2017-0151
  critical
• CVE-2017-0009
  warning
• CVE-2017-0010
  critical
• CVE-2017-0011
  warning
• CVE-2017-0012
  warning
• CVE-2017-0015
  critical
• CVE-2017-0017
  warning
• CVE-2017-0023
  critical
• CVE-2017-0032
  critical
• CVE-2017-0033
  warning
• CVE-2017-0034
  critical
• CVE-2017-0035
  critical

KB list

• 4012606
• 4013198
• 4013429

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com