Description
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, gain privileges, bypass security restrictions.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Microsoft Edge for Android can be exploited remotely to obtain sensitive information.
- Use after free vulnerability in Reading Mode can be exploited to cause denial of service or execute arbitrary code.
- Integer underflow vulnerability in WebUI can be exploited to cause execute arbitrary code and denial of service.
- A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to gain privileges.
- Implementation vulnerability in Downloads can be exploited to cause denial of service.
- Policy enforcement vulnerability in iOS Security UI can be exploited to cause denial of service.
- Implementation vulnerability in Extensions API can be exploited to cause denial of service.
- Use after free vulnerability in WebAudio can be exploited to cause denial of service or execute arbitrary code.
- Implementation vulnerability in Accessibility can be exploited to cause denial of service.
- A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof user interface.
- Implementation vulnerability in Autofill can be exploited to cause denial of service.
- Security UI vulnerability in Payments can be exploited to spoof user interface.
- Policy enforcement vulnerability in DevTools can be exploited to cause denial of service.
- Use after free vulnerability in Passwords can be exploited to cause denial of service or execute arbitrary code.
Fiches de renseignement originales
- CVE-2024-0813
- CVE-2024-0808
- CVE-2024-21383
- CVE-2024-21385
- CVE-2024-0805
- CVE-2024-21326
- CVE-2024-0804
- CVE-2024-0811
- CVE-2024-0807
- CVE-2024-0812
- CVE-2024-21387
- CVE-2024-0809
- CVE-2024-0814
- CVE-2024-0810
- CVE-2024-0806
Produits associés
Liste CVE
- CVE-2024-0808 critical
- CVE-2024-0805 warning
- CVE-2024-0807 critical
- CVE-2024-0810 warning
- CVE-2024-0804 critical
- CVE-2024-0806 critical
- CVE-2024-0811 warning
- CVE-2024-0813 critical
- CVE-2024-0812 critical
- CVE-2024-0814 high
- CVE-2024-0809 warning
- CVE-2024-21382 warning
- CVE-2024-21383 warning
- CVE-2024-21385 critical
- CVE-2024-21326 critical
- CVE-2024-21387 high
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !