Description
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- A use after free vulnerability in Tab Strip can be exploited to cause denial of service or execute arbitrary code.
- A use after free vulnerability in Perfomance Manager can be exploited to cause denial of service or execute arbitrary code.
- An implementation vulnerability in Background Fetch API can be exploited to cause denial of service.
- An implementation vulnerability in Google Updater can be exploited to cause denial of service.
- A side-channel information leakage vulnerability in DevTools can be exploited to obtain sensitive information.
- An implementation vulnerability in Navigation can be exploited to cause denial of service.
- A use after free vulnerability in File System API can be exploited to cause denial of service or execute arbitrary code.
- A use after free vulnerability in Task Manager can be exploited to cause denial of service or execute arbitrary code.
- A use after free vulnerability in Offline usecan be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Portals can be exploited to cause denial of service or execute arbitrary code.
- A out of bounds read vulnerability in libjpeg-turbo can be exploited to cause denial of service or obtain sensitive information.
- An implementation vulnerability in Compositing can be exploited to cause denial of service.
- A security UI vulnerability in Web Browser UI can be exploited to spoof user interface.
- An implementation vulnerability in Blink graphics can be exploited to cause denial of service.
- A use after free vulnerability in WebGPU can be exploited to cause denial of service or execute arbitrary code.
- An implementation vulnerability in ChromeOS Networking can be exploited to cause denial of service.
Fiches de renseignement originales
- CVE-2021-37962
- CVE-2021-37968
- CVE-2021-37969
- CVE-2021-37963
- CVE-2021-37967
- CVE-2021-37958
- CVE-2021-37965
- CVE-2021-37970
- CVE-2021-37959
- CVE-2021-37956
- CVE-2021-37973
- CVE-2021-37972
- CVE-2021-37966
- CVE-2021-37971
- CVE-2021-37960
- CVE-2021-37957
- CVE-2021-37964
Exploitation
Public exploits exist for this vulnerability.
Produits associés
Liste CVE
- CVE-2021-37959 critical
- CVE-2021-37972 critical
- CVE-2021-37965 warning
- CVE-2021-37971 warning
- CVE-2021-37966 warning
- CVE-2021-37963 warning
- CVE-2021-37958 high
- CVE-2021-37962 critical
- CVE-2021-37964 warning
- CVE-2021-37969 critical
- CVE-2021-37970 critical
- CVE-2021-37967 warning
- CVE-2021-37956 critical
- CVE-2021-37961 critical
- CVE-2021-37968 warning
- CVE-2021-37957 critical
- CVE-2021-37960 warning
- CVE-2021-37973 critical
Liste KB
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !