Multiple vulnerabilities in Microsoft Browser

Description

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Heap buffer overflow vulnerability in Tab Strip can be exploited to cause denial of service.
2. Use after free vulnerability in PDFium can be exploited to cause denial of service or execute arbitrary code.
3. A spoofing vulnerability in Microsoft Edge (Chromium-based) can be exploited remotely to spoof user interface.
4. Use after free vulnerability in Dawn can be exploited to cause denial of service or execute arbitrary code.
5. Inappropriate implementation vulnerability in Dawn can be exploited to cause denial of service.
6. Use after free vulnerability in V8 can be exploited to cause denial of service or execute arbitrary code.
7. A spoofing vulnerability in Microsoft Edge for iOS can be exploited remotely to spoof user interface.
8. Security vulnerability in CORS can be exploited to bypass security restrictions.
9. Type confusion vulnerability in V8 can be exploited to cause denial of service.
10. Inappropriate implementation vulnerability in Downloads can be exploited to cause denial of service.
11. Inappropriate implementation vulnerability in DevTools can be exploited to cause denial of service.
12. Inappropriate implementation vulnerability in Memory Allocator can be exploited to cause denial of service.
13. Heap buffer overflow vulnerability in Tab Groups can be exploited to cause denial of service.
14. Use after free vulnerability in Audio can be exploited to cause denial of service or execute arbitrary code.
15. Use after free vulnerability in Browser UI can be exploited to cause denial of service or execute arbitrary code.

Fiches de renseignement originales

• CVE-2024-5844

• CVE-2024-5847
• CVE-2024-38083
• CVE-2024-5831
• CVE-2024-5834
• CVE-2024-5846
• CVE-2024-5841
• CVE-2024-30057
• CVE-2024-5840
• CVE-2024-5838
• CVE-2024-5843
• CVE-2024-5836
• CVE-2024-5839
• CVE-2024-5833
• CVE-2024-5837
• CVE-2024-5832
• CVE-2024-5835
• CVE-2024-5830
• CVE-2024-30058
• CVE-2024-5845
• CVE-2024-5842

Produits associés

• Microsoft-Edge

Liste CVE

• CVE-2024-5847
  warning
• CVE-2024-5846
  warning
• CVE-2024-5842
  warning
• CVE-2024-5838
  warning
• CVE-2024-5839
  warning
• CVE-2024-5841
  warning
• CVE-2024-5833
  warning
• CVE-2024-5840
  warning
• CVE-2024-5837
  warning
• CVE-2024-5834
  warning
• CVE-2024-5831
  warning
• CVE-2024-5836
  warning
• CVE-2024-5844
  warning
• CVE-2024-5835
  warning
• CVE-2024-5830
  warning
• CVE-2024-5832
  warning
• CVE-2024-5843
  warning
• CVE-2024-5845
  warning
• CVE-2024-38083
  warning
• CVE-2024-30057
  high
• CVE-2024-30058
  high

En savoir plus

Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com