Description
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Heap buffer overflow vulnerability in Tab Strip can be exploited to cause denial of service.
- Use after free vulnerability in PDFium can be exploited to cause denial of service or execute arbitrary code.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
- Inappropriate implementation vulnerability in Dawn can be exploited to cause denial of service.
- Use after free vulnerability in V8 can be exploited to cause denial of service or execute arbitrary code.
- A spoofing vulnerability in Microsoft Edge for iOS can be exploited remotely to spoof user interface.
- Security vulnerability in CORS can be exploited to bypass security restrictions.
- Type confusion vulnerability in V8 can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Downloads can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in DevTools can be exploited to cause denial of service.
- Inappropriate implementation vulnerability in Memory Allocator can be exploited to cause denial of service.
- Heap buffer overflow vulnerability in Tab Groups can be exploited to cause denial of service.
- Use after free vulnerability in Audio can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Browser UI can be exploited to cause denial of service or execute arbitrary code.
Original advisories
- CVE-2024-5847
- CVE-2024-38083
- CVE-2024-5831
- CVE-2024-5834
- CVE-2024-5846
- CVE-2024-5841
- CVE-2024-30057
- CVE-2024-5840
- CVE-2024-5838
- CVE-2024-5843
- CVE-2024-5836
- CVE-2024-5839
- CVE-2024-5833
- CVE-2024-5837
- CVE-2024-5832
- CVE-2024-5835
- CVE-2024-5830
- CVE-2024-30058
- CVE-2024-5845
- CVE-2024-5842
Related products
CVE list
- CVE-2024-5847 warning
- CVE-2024-5846 warning
- CVE-2024-5842 warning
- CVE-2024-5838 warning
- CVE-2024-5839 warning
- CVE-2024-5841 warning
- CVE-2024-5833 warning
- CVE-2024-5840 warning
- CVE-2024-5837 warning
- CVE-2024-5834 warning
- CVE-2024-5831 warning
- CVE-2024-5836 warning
- CVE-2024-5844 warning
- CVE-2024-5835 warning
- CVE-2024-5830 warning
- CVE-2024-5832 warning
- CVE-2024-5843 warning
- CVE-2024-5845 warning
- CVE-2024-38083 warning
- CVE-2024-30057 high
- CVE-2024-30058 high
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!